VDB
WID-SEC-W-2026-0090
WID-SEC-W-2026-0090
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Firefox ist ein Open Source Web Browser. Thunderbird ist ein Open Source E-Mail Client.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla Firefox ESR <140.7 | ||
| Red Hat Enterprise Linux | ||
| Mozilla Thunderbird ESR 140.7 | ||
| Mozilla Thunderbird <147 | ||
| Mozilla Firefox ESR 140.7 | ||
| Mozilla Firefox ESR <115.32 | ||
| Mozilla Thunderbird 147 | ||
| Mozilla Thunderbird ESR <140.7 | ||
| Oracle Linux | ||
| Mozilla Firefox <147 | ||
| Debian Linux | ||
| SUSE openSUSE | ||
| Mozilla Firefox ESR 115.32 | ||
| Ubuntu Linux | ||
| Mozilla Firefox 147 | ||
| SUSE Linux | ||
| RESF Rocky Linux |
Exploit Intelligence
- https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0090.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0090 (circl)
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/ (circl)
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-02/ (circl)
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/ (circl)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MWE7GIFYIBLX76K6B34TZZ67PXOQMQY6/ (circl)
- https://access.redhat.com/errata/RHSA-2026:0667 (circl)
- https://lists.suse.com/pipermail/sle-security-updates/2026-January/023741.html (circl)
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-04/ (circl)
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/ (circl)
…and 40 more exploits
Timeline
- Jan 13, 2026 CVE Published
- Feb 4, 2026 CVE Updated
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0090.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0090 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/ url
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-02/ url
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/ url
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MWE7GIFYIBLX76K6B34TZZ67PXOQMQY6/ url
- https://access.redhat.com/errata/RHSA-2026:0667 url
- https://lists.suse.com/pipermail/sle-security-updates/2026-January/023741.html url
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-04/ url
- https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/ url
- https://access.redhat.com/errata/RHSA-2026:0694 url
- https://lists.debian.org/debian-lts-announce/2026/01/msg00010.html url
- https://lists.debian.org/debian-security-announce/2026/msg00009.html url
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2E4U6WVD3HP25MAGYON4BCRAFHCTX3SC/ url
- https://errata.build.resf.org/RLSA-2026:0667 url
- https://errata.build.resf.org/RLSA-2026:0694 url
- https://lists.debian.org/debian-security-announce/2026/msg00011.html url
- https://linux.oracle.com/errata/ELSA-2026-0694.html url
- https://linux.oracle.com/errata/ELSA-2026-0667.html url
- https://lists.debian.org/debian-lts-announce/2026/01/msg00013.html url
…and 19 more