[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-4687":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":79,"aliases":80,"duplicate_of":9,"upstream":81,"downstream":82,"duplicates":165,"related":166,"reserved_at":9,"published_at":179,"modified_at":180,"state":181,"summary":182,"references_raw":191,"kevs":219,"epss":220,"epss_history":223,"metrics":440,"affected":452},"CVE-2026-4687","Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-754","Improper Check for Unusual or Exceptional Conditions","The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.","weakness","Incomplete","Class","Medium",[],{"_key":21,"id":21,"name":22,"description":23,"type":15,"status":16,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-120","Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.","Base","High",[27,31,35,39,43,47,51,55,59,63,67,71,75],{"id":28,"name":29,"techniques":30},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":32,"name":33,"techniques":34},"CAPEC-100","Overflow Buffers",[],{"id":36,"name":37,"techniques":38},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":40,"name":41,"techniques":42},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":44,"name":45,"techniques":46},"CAPEC-42","MIME Conversion",[],{"id":48,"name":49,"techniques":50},"CAPEC-44","Overflow Binary Resource File",[],{"id":52,"name":53,"techniques":54},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":56,"name":57,"techniques":58},"CAPEC-46","Overflow Variables and Tags",[],{"id":60,"name":61,"techniques":62},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":64,"name":65,"techniques":66},"CAPEC-67","String Format Overflow in syslog()",[],{"id":68,"name":69,"techniques":70},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":72,"name":73,"techniques":74},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"id":76,"name":77,"techniques":78},"CAPEC-92","Forced Integer Overflow",[],[],[],[],[83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133,135,137,139,141,143,145,147,149,151,153,155,157,159,161,163],{"_key":84},"OPENSUSE-SU-2026:10413-1",{"_key":86},"DSA-6178-1",{"_key":88},"DLA-4510-1",{"_key":90},"DLA-4511-1",{"_key":92},"DSA-6179-1",{"_key":94},"SUSE-SU-2026:1127-1",{"_key":96},"SUSE-SU-2026:1126-1",{"_key":98},"OPENSUSE-SU-2026:10447-1",{"_key":100},"OPENSUSE-SU-2026:10458-1",{"_key":102},"SUSE-SU-2026:1163-1",{"_key":104},"OPENSUSE-SU-2026:20439-1",{"_key":106},"SUSE-SU-2026:20978-1",{"_key":108},"MGASA-2026-0080",{"_key":110},"MGASA-2026-0081",{"_key":112},"UBUNTU-CVE-2026-4687",{"_key":114},"DEBIAN-CVE-2026-4687",{"_key":116},"RHSA-2026:5930",{"_key":118},"RHSA-2026:5931",{"_key":120},"RHSA-2026:5932",{"_key":122},"RHSA-2026:6188",{"_key":124},"RHSA-2026:6342",{"_key":126},"RHSA-2026:6917",{"_key":128},"RHSA-2026:7837",{"_key":130},"RHSA-2026:7838",{"_key":132},"RHSA-2026:7839",{"_key":134},"RHSA-2026:7840",{"_key":136},"RHSA-2026:7841",{"_key":138},"RHSA-2026:7842",{"_key":140},"RHSA-2026:7843",{"_key":142},"RHSA-2026:7845",{"_key":144},"RHSA-2026:7858",{"_key":146},"RHSA-2026:8284",{"_key":148},"RHSA-2026:8285",{"_key":150},"RHSA-2026:8286",{"_key":152},"RHSA-2026:8287",{"_key":154},"RHSA-2026:8288",{"_key":156},"RHSA-2026:8289",{"_key":158},"RHSA-2026:8290",{"_key":160},"RHSA-2026:8315",{"_key":162},"RHSA-2026:8427",{"_key":164},"RHSA-2026:8850",[],[167,168,169,170,171,172,173,174,175,176,177],{"_key":84},{"_key":94},{"_key":96},{"_key":98},{"_key":100},{"_key":102},{"_key":104},{"_key":106},{"_key":108},{"_key":110},{"_key":178},"CGA-WXQ3-27FQ-23C2","2026-03-24T12:30:22.179Z","2026-04-13T13:48:33.096Z","Modified",{"cisa_kev":183,"cisa_ransomware":183,"cisa_vendor":9,"epss_severity":184,"epss_score":185,"severity":186,"severity_score":187,"severity_version":188,"severity_source":189,"severity_vector":190,"severity_status":181},false,"low",0.0003,"critical",9.6,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",[192,198,203,207,211,215],{"url":193,"sources":194,"tags":196},"https://bugzilla.mozilla.org/show_bug.cgi?id=2016368",[189,195],"nvd",[197],"Permissions Required",{"url":199,"sources":200,"tags":201},"https://www.mozilla.org/security/advisories/mfsa2026-20/",[189,195],[202],"Vendor Advisory",{"url":204,"sources":205,"tags":206},"https://www.mozilla.org/security/advisories/mfsa2026-21/",[189,195],[202],{"url":208,"sources":209,"tags":210},"https://www.mozilla.org/security/advisories/mfsa2026-22/",[189,195],[202],{"url":212,"sources":213,"tags":214},"https://www.mozilla.org/security/advisories/mfsa2026-23/",[189,195],[],{"url":216,"sources":217,"tags":218},"https://www.mozilla.org/security/advisories/mfsa2026-24/",[189,195],[],[],{"date":221,"score":185,"percentile":222},"2026-06-04",0.09036,[224,228,232,235,238,240,244,247,250,253,256,259,262,265,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,323,326,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,383,386,389,391,394,397,400,403,406,409,412,415,418,421,424,427,430,433,436,439],{"date":225,"score":226,"percentile":227},"2026-03-25",0.00021,0.05582,{"date":229,"score":230,"percentile":231},"2026-03-26",0.00022,0.05882,{"date":233,"score":230,"percentile":234},"2026-03-27",0.05876,{"date":236,"score":230,"percentile":237},"2026-03-28",0.05883,{"date":239,"score":230,"percentile":234},"2026-03-29",{"date":241,"score":242,"percentile":243},"2026-03-30",0.00024,0.06341,{"date":245,"score":242,"percentile":246},"2026-03-31",0.06314,{"date":248,"score":242,"percentile":249},"2026-04-01",0.06323,{"date":251,"score":242,"percentile":252},"2026-04-02",0.06357,{"date":254,"score":242,"percentile":255},"2026-04-03",0.06367,{"date":257,"score":242,"percentile":258},"2026-04-04",0.06388,{"date":260,"score":242,"percentile":261},"2026-04-05",0.06386,{"date":263,"score":242,"percentile":264},"2026-04-06",0.06358,{"date":266,"score":242,"percentile":267},"2026-04-07",0.06376,{"date":269,"score":242,"percentile":270},"2026-04-08",0.06425,{"date":272,"score":242,"percentile":273},"2026-04-09",0.06468,{"date":275,"score":242,"percentile":276},"2026-04-10",0.06473,{"date":278,"score":242,"percentile":279},"2026-04-11",0.06461,{"date":281,"score":242,"percentile":282},"2026-04-12",0.06454,{"date":284,"score":242,"percentile":285},"2026-04-13",0.06444,{"date":287,"score":242,"percentile":288},"2026-04-14",0.06369,{"date":290,"score":242,"percentile":291},"2026-04-15",0.06378,{"date":293,"score":242,"percentile":294},"2026-04-16",0.06385,{"date":296,"score":242,"percentile":297},"2026-04-17",0.06395,{"date":299,"score":242,"percentile":300},"2026-04-18",0.06394,{"date":302,"score":242,"percentile":303},"2026-04-19",0.06375,{"date":305,"score":242,"percentile":306},"2026-04-20",0.06353,{"date":308,"score":242,"percentile":309},"2026-04-21",0.06543,{"date":311,"score":242,"percentile":312},"2026-04-22",0.06551,{"date":314,"score":242,"percentile":315},"2026-04-23",0.06571,{"date":317,"score":242,"percentile":318},"2026-04-24",0.06559,{"date":320,"score":321,"percentile":322},"2026-04-25",0.00026,0.07245,{"date":324,"score":321,"percentile":325},"2026-04-26",0.07233,{"date":327,"score":321,"percentile":328},"2026-04-27",0.0722,{"date":330,"score":321,"percentile":331},"2026-04-28",0.07197,{"date":333,"score":321,"percentile":334},"2026-04-29",0.07205,{"date":336,"score":321,"percentile":337},"2026-04-30",0.07212,{"date":339,"score":321,"percentile":340},"2026-05-01",0.07194,{"date":342,"score":321,"percentile":343},"2026-05-02",0.07243,{"date":345,"score":321,"percentile":346},"2026-05-03",0.07232,{"date":348,"score":321,"percentile":349},"2026-05-04",0.07209,{"date":351,"score":321,"percentile":352},"2026-05-05",0.07217,{"date":354,"score":321,"percentile":355},"2026-05-06",0.07242,{"date":357,"score":321,"percentile":358},"2026-05-07",0.07372,{"date":360,"score":321,"percentile":361},"2026-05-08",0.0739,{"date":363,"score":321,"percentile":364},"2026-05-09",0.07443,{"date":366,"score":321,"percentile":367},"2026-05-10",0.07446,{"date":369,"score":321,"percentile":370},"2026-05-11",0.07427,{"date":372,"score":321,"percentile":373},"2026-05-12",0.07442,{"date":375,"score":321,"percentile":376},"2026-05-13",0.07444,{"date":378,"score":321,"percentile":379},"2026-05-14",0.07477,{"date":381,"score":321,"percentile":382},"2026-05-15",0.07475,{"date":384,"score":321,"percentile":385},"2026-05-16",0.07493,{"date":387,"score":321,"percentile":388},"2026-05-17",0.07485,{"date":390,"score":321,"percentile":364},"2026-05-18",{"date":392,"score":321,"percentile":393},"2026-05-19",0.07414,{"date":395,"score":321,"percentile":396},"2026-05-20",0.07403,{"date":398,"score":321,"percentile":399},"2026-05-21",0.07398,{"date":401,"score":321,"percentile":402},"2026-05-22",0.07692,{"date":404,"score":321,"percentile":405},"2026-05-23",0.07694,{"date":407,"score":321,"percentile":408},"2026-05-24",0.07699,{"date":410,"score":321,"percentile":411},"2026-05-25",0.07684,{"date":413,"score":321,"percentile":414},"2026-05-26",0.07669,{"date":416,"score":321,"percentile":417},"2026-05-27",0.07719,{"date":419,"score":321,"percentile":420},"2026-05-28",0.07872,{"date":422,"score":321,"percentile":423},"2026-05-29",0.0789,{"date":425,"score":321,"percentile":426},"2026-05-30",0.07882,{"date":428,"score":185,"percentile":429},"2026-05-31",0.09141,{"date":431,"score":185,"percentile":432},"2026-06-01",0.09119,{"date":434,"score":185,"percentile":435},"2026-06-02",0.09066,{"date":437,"score":185,"percentile":438},"2026-06-03",0.09021,{"date":221,"score":185,"percentile":222},[441,448],{"source":195,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":442,"cvss_v4_0":9},{"baseScore":443,"baseSeverity":444,"vectorString":445,"impactScore":446,"exploitabilityScore":447},8.6,"HIGH","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",6.7,10,{"source":189,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":449,"cvss_v4_0":9},{"baseScore":187,"baseSeverity":450,"vectorString":190,"impactScore":447,"exploitabilityScore":451},"CRITICAL",7.2,[453,476,486],{"ecosystem":9,"name":454,"vendor":455,"product":454,"cpe_part":456,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":457},"firefox","mozilla","a",[458,465,469,472],{"version":459,"is_range":460,"range_type":189,"version_start":461,"version_start_type":462,"version_end":463,"version_end_type":464,"fixed_in":9},">= unspecified, \u003C 149",true,"unspecified","including","149","excluding",{"version":466,"is_range":460,"range_type":467,"version_start":9,"version_start_type":9,"version_end":468,"version_end_type":464,"fixed_in":9},"lt115.34.0","cpe","115.34.0",{"version":470,"is_range":460,"range_type":467,"version_start":9,"version_start_type":9,"version_end":471,"version_end_type":464,"fixed_in":9},"lt149.0","149.0",{"version":473,"is_range":460,"range_type":467,"version_start":474,"version_start_type":462,"version_end":475,"version_end_type":464,"fixed_in":9},"gte128.0_lt140.9.0","128.0","140.9.0",{"ecosystem":9,"name":477,"vendor":455,"product":478,"cpe_part":456,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":479},"firefox esr","firefox_esr",[480,483],{"version":481,"is_range":460,"range_type":189,"version_start":461,"version_start_type":462,"version_end":482,"version_end_type":464,"fixed_in":9},">= unspecified, \u003C 115.34","115.34",{"version":484,"is_range":460,"range_type":189,"version_start":461,"version_start_type":462,"version_end":485,"version_end_type":464,"fixed_in":9},">= unspecified, \u003C 140.9","140.9",{"ecosystem":9,"name":487,"vendor":455,"product":488,"cpe_part":456,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":489},"Thunderbird","thunderbird",[490,491],{"version":459,"is_range":460,"range_type":189,"version_start":461,"version_start_type":462,"version_end":463,"version_end_type":464,"fixed_in":9},{"version":484,"is_range":460,"range_type":189,"version_start":461,"version_start_type":462,"version_end":485,"version_end_type":464,"fixed_in":9}]