Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Thunderbird: Unpatched Flaw Allows Malicious Email Attachment Execution
RHSA-2026:3982
Summary
A security issue in Thunderbird allows attackers to execute malicious code on your computer by sending a specially crafted email attachment. This means that if you open an email with this type of attachment, it could potentially harm your system. Update Thunderbird to the latest version to fix this issue.
What to do
- Update redhat thunderbird to version 0:140.8.0-1.el9_6.
- Update redhat thunderbird-debuginfo to version 0:140.8.0-1.el9_6.
- Update redhat thunderbird-debugsource to version 0:140.8.0-1.el9_6.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| redhat | thunderbird | <= 0:140.8.0-1.el9_6 | 0:140.8.0-1.el9_6 |
| redhat | thunderbird-debuginfo | <= 0:140.8.0-1.el9_6 | 0:140.8.0-1.el9_6 |
| redhat | thunderbird-debugsource | <= 0:140.8.0-1.el9_6 | 0:140.8.0-1.el9_6 |
Original title
Red Hat Security Advisory: thunderbird security update
osv CVSS3.1
7.5
- https://access.redhat.com/errata/RHSA-2026:3982 Vendor Advisory
- https://access.redhat.com/security/updates/classification/#important Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2440219 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442284 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442287 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442288 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442290 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442291 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442292 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442294 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442295 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442297 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442298 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442300 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442302 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442304 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442307 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442308 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442309 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442312 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442313 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442314 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442316 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442318 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442319 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442320 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442322 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442324 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442325 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442326 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442327 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442328 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442329 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442331 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442333 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442334 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442335 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442337 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442342 Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2442343 Third Party Advisory
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3982.j... Vendor Advisory
- https://access.redhat.com/security/cve/CVE-2026-2447 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2447 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2447 Vendor Advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=2014390 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-10/ Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2757 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2757 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2757 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2757 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2757 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2758 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2758 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2758 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2758 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2758 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2759 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2759 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2759 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2759 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2759 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2760 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2760 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2760 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2760 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2760 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2761 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2761 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2761 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2761 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2761 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2762 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2762 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2762 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2762 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2762 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2763 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2763 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2763 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2763 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2763 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2764 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2764 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2764 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2764 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2764 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2765 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2765 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2765 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2765 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2765 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2766 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2766 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2766 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2766 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2766 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2767 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2767 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2767 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2767 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2767 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2768 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2768 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2768 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2768 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2768 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2769 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2769 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2769 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2769 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2769 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2770 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2770 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2770 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2770 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2770 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2771 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2771 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2771 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2771 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2771 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2772 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2772 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2772 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2772 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2772 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2773 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2773 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2773 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2773 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2773 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2774 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2774 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2774 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2774 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2774 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2775 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2775 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2775 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2775 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2775 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2776 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2776 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2776 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2776 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2776 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2777 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2777 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2777 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2777 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2777 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2778 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2778 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2778 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2778 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2778 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2779 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2779 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2779 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2779 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2779 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2780 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2780 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2780 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2780 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2780 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2781 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2781 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2781 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2781 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2781 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2782 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2782 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2782 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2782 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2782 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2783 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2783 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2783 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2783 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2783 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2784 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2784 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2784 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2784 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2784 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2785 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2785 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2785 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2785 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2785 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2786 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2786 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2786 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2786 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2786 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2787 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2787 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2787 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2787 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2787 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2788 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2788 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2788 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2788 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2788 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2789 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2789 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2789 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2789 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2789 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2790 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2790 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2790 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2790 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2790 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2791 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2791 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2791 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2791 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2791 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2792 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2792 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2792 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2792 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2792 Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2026-2793 Third Party Advisory
- https://www.cve.org/CVERecord?id=CVE-2026-2793 Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-2793 Vendor Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-15/#CVE-2026-2793 Third Party Advisory
- https://www.mozilla.org/security/advisories/mfsa2026-17/#CVE-2026-2793 Third Party Advisory
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026