CVE-2026-22693 — Vulnetix

CVE-2026-22693 PUBLISHED

EPSS 0.09% · 25.4th percentile

Risk Scores

EPSS Score

0.09%

25.4th percentile

Affected Products

Vendor	Product	Versions
Amazon	thunderbird
Amazon	firefox

Exploit Intelligence

http://www.openwall.com/lists/oss-security/2026/01/11/1 (circl)
http://www.openwall.com/lists/oss-security/2026/01/12/1 (circl)
https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww (circl)
https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae (circl)
CIRCL seen: CVE-2026-22693 (circl-sighting)
CIRCL seen: CVE-2026-22693 (circl-sighting)
CIRCL seen: CVE-2026-22693 (circl-sighting)
CPANSA-HarfBuzz-Shaper.yml (github-poc)
CPANSA-HarfBuzz-Shaper.yml (github-poc)
CPANSA-HarfBuzz-Shaper.yml (github-poc)

…and 9 more exploits

Timeline

Jan 10, 2026 EPSS Score
Jan 10, 2026 CVE Published
Jan 12, 2026 PoC Published
Jan 12, 2026 PoC Published
Jan 13, 2026 EPSS Score
Jan 16, 2026 EPSS Score
Jan 19, 2026 EPSS Score
Jan 22, 2026 EPSS Score
Jan 26, 2026 EPSS Score
Jan 26, 2026 PoC Published
Jan 29, 2026 EPSS Score
Feb 1, 2026 EPSS Score

References

ALAS2-2026-3171: thunderbird (medium) advisory
ALAS2FIREFOX-2026-051: firefox (medium) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›