[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-18509":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":28,"duplicate_of":9,"upstream":29,"downstream":30,"duplicates":59,"related":60,"reserved_at":9,"published_at":67,"modified_at":68,"state":69,"summary":70,"references_raw":79,"kevs":128,"epss":129,"epss_history":132,"metrics":401,"affected":411},"CVE-2018-18509","A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content. This vulnerability affects Thunderbird \u003C 60.5.1.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-347","Improper Verification of Cryptographic Signature","The product does not verify, or incorrectly verifies, the cryptographic signature for data.","weakness","Draft","Base",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-463","Padding Oracle Crypto Attack",[],{"id":24,"name":25,"techniques":26},"CAPEC-475","Signature Spoofing by Improper Validation",[],[],[],[],[31,33,35,37,39,41,43,45,47,49,51,53,55,57],{"_key":32},"OPENSUSE-SU-2019:0249-1",{"_key":34},"RHSA-2019:0680",{"_key":36},"RHSA-2019:0681",{"_key":38},"RHSA-2019:1144",{"_key":40},"OPENSUSE-SU-2024:10601-1",{"_key":42},"SUSE-SU-2019:0469-1",{"_key":44},"SUSE-SU-2019:0853-1",{"_key":46},"OPENSUSE-SU-2019:1162-1",{"_key":48},"DLA-1678-1",{"_key":50},"DSA-4392-1",{"_key":52},"MGASA-2019-0088",{"_key":54},"UBUNTU-CVE-2018-18509",{"_key":56},"USN-3897-1",{"_key":58},"DEBIAN-CVE-2018-18509",[],[61,62,63,64,65,66],{"_key":32},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":52},"2019-04-26T16:13:22.000Z","2024-08-05T11:08:21.996Z","Modified",{"cisa_kev":71,"cisa_ransomware":71,"cisa_vendor":9,"epss_severity":72,"epss_score":73,"severity":74,"severity_score":75,"severity_version":76,"severity_source":77,"severity_vector":78,"severity_status":69},false,"low",0.00252,"medium",5.3,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",[80,87,92,98,105,110,115,120,124],{"url":81,"sources":82,"tags":84},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html",[83,77],"cve.org",[85,86],"Vendor Advisory","X Refsource SUSE",{"url":88,"sources":89,"tags":90},"https://www.mozilla.org/security/advisories/mfsa2019-06/",[83,77],[91,85],"X Refsource MISC",{"url":93,"sources":94,"tags":95},"https://bugzilla.mozilla.org/show_bug.cgi?id=1507218",[83,77],[91,96,97,85],"Issue Tracking","Permissions Required",{"url":99,"sources":100,"tags":101},"http://www.openwall.com/lists/oss-security/2019/04/30/4",[83,77],[102,103,104],"Mailing List","X Refsource MLIST","Third Party Advisory",{"url":106,"sources":107,"tags":108},"http://seclists.org/fulldisclosure/2019/Apr/38",[83,77],[102,109,104],"X Refsource FULLDISC",{"url":111,"sources":112,"tags":113},"http://packetstormsecurity.com/files/152703/Johnny-You-Are-Fired.html",[83,77],[91,104,114],"VDB Entry",{"url":116,"sources":117,"tags":118},"https://access.redhat.com/errata/RHSA-2019:1144",[83,77],[85,119],"X Refsource REDHAT",{"url":121,"sources":122,"tags":123},"https://github.com/RUB-NDS/Johnny-You-Are-Fired",[83,77],[91],{"url":125,"sources":126,"tags":127},"https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf",[83,77],[91],[],{"date":130,"score":73,"percentile":131},"2026-06-05",0.48788,[133,137,140,143,146,149,152,155,158,161,164,167,170,173,175,179,182,185,187,190,193,196,199,202,205,208,211,214,217,220,223,226,229,232,235,238,241,244,246,249,252,255,258,260,263,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366,368,371,374,377,380,383,386,389,392,395,398],{"date":134,"score":135,"percentile":136},"2025-11-04",0.0028,0.51005,{"date":138,"score":135,"percentile":139},"2025-11-05",0.50985,{"date":141,"score":135,"percentile":142},"2025-11-06",0.51002,{"date":144,"score":135,"percentile":145},"2025-11-07",0.51025,{"date":147,"score":135,"percentile":148},"2025-11-08",0.51029,{"date":150,"score":135,"percentile":151},"2025-11-09",0.51017,{"date":153,"score":135,"percentile":154},"2025-11-10",0.50987,{"date":156,"score":135,"percentile":157},"2025-11-11",0.51004,{"date":159,"score":135,"percentile":160},"2025-11-12",0.51028,{"date":162,"score":135,"percentile":163},"2025-11-13",0.51031,{"date":165,"score":135,"percentile":166},"2025-11-14",0.51036,{"date":168,"score":135,"percentile":169},"2025-11-15",0.5103,{"date":171,"score":135,"percentile":172},"2025-11-16",0.51009,{"date":174,"score":135,"percentile":154},"2025-11-17",{"date":176,"score":177,"percentile":178},"2025-11-18",0.00307,0.50991,{"date":180,"score":177,"percentile":181},"2025-11-19",0.51003,{"date":183,"score":177,"percentile":184},"2025-11-20",0.50988,{"date":186,"score":135,"percentile":181},"2025-11-21",{"date":188,"score":135,"percentile":189},"2025-11-22",0.50998,{"date":191,"score":135,"percentile":192},"2025-11-23",0.50959,{"date":194,"score":135,"percentile":195},"2025-11-24",0.50952,{"date":197,"score":135,"percentile":198},"2025-11-25",0.5096,{"date":200,"score":135,"percentile":201},"2025-11-26",0.50961,{"date":203,"score":135,"percentile":204},"2025-11-27",0.50967,{"date":206,"score":135,"percentile":207},"2025-11-28",0.50931,{"date":209,"score":135,"percentile":210},"2025-11-29",0.50911,{"date":212,"score":135,"percentile":213},"2025-11-30",0.509,{"date":215,"score":135,"percentile":216},"2025-12-01",0.51052,{"date":218,"score":135,"percentile":219},"2025-12-02",0.51075,{"date":221,"score":135,"percentile":222},"2025-12-03",0.51071,{"date":224,"score":135,"percentile":225},"2025-12-04",0.50914,{"date":227,"score":135,"percentile":228},"2025-12-05",0.50939,{"date":230,"score":135,"percentile":231},"2025-12-06",0.50938,{"date":233,"score":135,"percentile":234},"2025-12-07",0.50929,{"date":236,"score":135,"percentile":237},"2025-12-08",0.50932,{"date":239,"score":135,"percentile":240},"2025-12-09",0.50953,{"date":242,"score":135,"percentile":243},"2025-12-10",0.51018,{"date":245,"score":135,"percentile":166},"2025-12-11",{"date":247,"score":135,"percentile":248},"2025-12-12",0.51068,{"date":250,"score":135,"percentile":251},"2025-12-13",0.51054,{"date":253,"score":135,"percentile":254},"2025-12-14",0.5104,{"date":256,"score":135,"percentile":257},"2025-12-15",0.5102,{"date":259,"score":135,"percentile":169},"2025-12-16",{"date":261,"score":135,"percentile":262},"2025-12-17",0.51051,{"date":264,"score":265,"percentile":266},"2025-12-18",0.00262,0.49419,{"date":268,"score":265,"percentile":269},"2025-12-19",0.49426,{"date":271,"score":265,"percentile":272},"2025-12-20",0.49409,{"date":274,"score":265,"percentile":275},"2025-12-21",0.4938,{"date":277,"score":265,"percentile":278},"2025-12-22",0.49367,{"date":280,"score":265,"percentile":281},"2025-12-23",0.49364,{"date":283,"score":265,"percentile":284},"2025-12-24",0.49375,{"date":286,"score":265,"percentile":287},"2025-12-25",0.49428,{"date":289,"score":265,"percentile":290},"2025-12-26",0.49417,{"date":292,"score":265,"percentile":293},"2025-12-27",0.49432,{"date":295,"score":265,"percentile":296},"2025-12-28",0.49357,{"date":298,"score":265,"percentile":299},"2025-12-29",0.49342,{"date":301,"score":265,"percentile":302},"2025-12-30",0.49337,{"date":304,"score":265,"percentile":305},"2025-12-31",0.49376,{"date":307,"score":265,"percentile":308},"2026-01-01",0.49542,{"date":310,"score":265,"percentile":311},"2026-01-02",0.49523,{"date":313,"score":265,"percentile":314},"2026-01-03",0.49513,{"date":316,"score":265,"percentile":317},"2026-01-04",0.49336,{"date":319,"score":265,"percentile":320},"2026-01-05",0.49322,{"date":322,"score":265,"percentile":323},"2026-01-06",0.49329,{"date":325,"score":265,"percentile":326},"2026-01-07",0.49344,{"date":328,"score":265,"percentile":329},"2026-01-08",0.49368,{"date":331,"score":265,"percentile":332},"2026-01-09",0.49343,{"date":334,"score":265,"percentile":335},"2026-01-10",0.4934,{"date":337,"score":265,"percentile":338},"2026-01-11",0.4932,{"date":340,"score":265,"percentile":341},"2026-01-12",0.49278,{"date":343,"score":265,"percentile":344},"2026-01-13",0.49254,{"date":346,"score":265,"percentile":347},"2026-01-14",0.49302,{"date":349,"score":265,"percentile":350},"2026-01-15",0.49305,{"date":352,"score":265,"percentile":353},"2026-01-16",0.49326,{"date":355,"score":265,"percentile":356},"2026-01-17",0.49304,{"date":358,"score":265,"percentile":359},"2026-01-18",0.49275,{"date":361,"score":265,"percentile":362},"2026-01-19",0.49253,{"date":364,"score":265,"percentile":365},"2026-01-20",0.49255,{"date":367,"score":265,"percentile":344},"2026-01-21",{"date":369,"score":265,"percentile":370},"2026-01-22",0.4926,{"date":372,"score":265,"percentile":373},"2026-01-23",0.49309,{"date":375,"score":265,"percentile":376},"2026-01-24",0.49316,{"date":378,"score":265,"percentile":379},"2026-01-25",0.49267,{"date":381,"score":265,"percentile":382},"2026-01-26",0.49238,{"date":384,"score":265,"percentile":385},"2026-01-27",0.49245,{"date":387,"score":265,"percentile":388},"2026-01-28",0.49257,{"date":390,"score":265,"percentile":391},"2026-01-29",0.49252,{"date":393,"score":265,"percentile":394},"2026-01-30",0.49261,{"date":396,"score":265,"percentile":397},"2026-01-31",0.49266,{"date":399,"score":265,"percentile":400},"2026-02-01",0.49404,[402],{"source":77,"cvss_v2_0":403,"cvss_v3_0":408,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":404,"baseSeverity":9,"vectorString":405,"impactScore":406,"exploitabilityScore":407},5,"AV:N/AC:L/Au:N/C:N/I:P/A:N",2.9,10,{"baseScore":75,"baseSeverity":409,"vectorString":78,"impactScore":410,"exploitabilityScore":407},"MEDIUM",2.3,[412],{"ecosystem":9,"name":413,"vendor":414,"product":415,"cpe_part":416,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":417},"Thunderbird","mozilla","thunderbird","a",[418,424],{"version":419,"is_range":420,"range_type":421,"version_start":9,"version_start_type":9,"version_end":422,"version_end_type":423,"fixed_in":9},"lt60.5.1",true,"cpe","60.5.1","excluding",{"version":425,"is_range":420,"range_type":83,"version_start":426,"version_start_type":427,"version_end":422,"version_end_type":423,"fixed_in":9},">= unspecified, \u003C 60.5.1","unspecified","including"]