CVE-2026-1837 — Vulnetix

CVE-2026-1837 PUBLISHED

EPSS 0.03% · 9.5th percentile

Risk Scores

EPSS Score

0.03%

9.5th percentile

Affected Products

Vendor	Product	Versions
Amazon	thunderbird
Amazon	firefox

Exploit Intelligence

https://github.com/libjxl/libjxl/issues/4549 (cve.org)
build.ps1 (github-poc)
build.ps1 (github-poc)
build.ps1 (github-poc)
build.ps1 (github-poc)
build.ps1 (github-poc)
build.ps1 (github-poc)

Timeline

Feb 3, 2026 CVE ID Reserved
Feb 11, 2026 CVE Published
Feb 12, 2026 EPSS Score
Feb 14, 2026 EPSS Score
Feb 16, 2026 EPSS Score
Feb 18, 2026 EPSS Score
Feb 20, 2026 EPSS Score
Feb 22, 2026 EPSS Score
Feb 24, 2026 EPSS Score
Feb 26, 2026 EPSS Score
Feb 26, 2026 CVE Updated
Feb 28, 2026 EPSS Score

References

ALAS2-2026-3190: thunderbird (important) advisory
ALAS2FIREFOX-2026-053: firefox (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›