VDB
RHSA-2026%3A0004
RHSA-2026%3A0004
PUBLISHED
CVSS 7.5 HIGH
An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat Enterprise Linux AppStream EUS (v.9.4) | ||
| thunderbird |
Exploit Intelligence
- h3raklez/CVE-2025-14321 (github-poc-repo)
- h3raklez/CVE-2025-14321 (github-poc-repo)
- WostGit/cve-2025-14325-full-repro (github-poc-repo)
- WostGit/cve-2025-14325-full-repro (github-poc-repo)
- WostGit/cve-2025-14325-full-repro (github-poc)
- WostGit/cve-2025-14325-full-repro (github-poc)
- h3raklez/CVE-2025-14321 (github-poc)
- h3raklez/CVE-2025-14321 (github-poc)
- https://bugzilla.redhat.com/show_bug.cgi?id=2420506 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=2420513 (circl)
…and 11 more exploits
Timeline
- Jan 5, 2026 CVE Published
- Mar 18, 2026 CVE Updated
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2026:0004 advisory
- https://access.redhat.com/security/updates/classification/#important url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420502 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420503 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420504 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420506 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420508 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420509 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420512 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420513 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420516 url
- https://bugzilla.redhat.com/show_bug.cgi?id=2420517 url
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0004.json advisory