RHSA-2026:6188
Advisory lineage Upstream: 39 Downstream: 0
Published: 31 Mar 2026, 10:12
Last modified:23 May 2026, 10:06
Vulnerability Summary
Overall Risk (default)
medium
33/100 CVSS Score
8.2 HIGH
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
31 Mar 2026, 10:12
Published
Vulnerability first disclosed
23 May 2026, 10:06
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: thunderbird security update
CVSS Metrics
- v3.1•HIGH•Score: 8.2CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Affected Systems
- redhat•thunderbird
< 0:140.9.0-1.el9_7
- redhat•thunderbird-debuginfo
< 0:140.9.0-1.el9_7
- redhat•thunderbird-debugsource
< 0:140.9.0-1.el9_7
References (235)
- https://access.redhat.com/errata/RHSA-2026:6188
- https://access.redhat.com/security/updates/classification/#important
- https://bugzilla.redhat.com/show_bug.cgi?id=2450710
- https://bugzilla.redhat.com/show_bug.cgi?id=2450711
- https://bugzilla.redhat.com/show_bug.cgi?id=2450712
- https://bugzilla.redhat.com/show_bug.cgi?id=2450713
- https://bugzilla.redhat.com/show_bug.cgi?id=2450714
- https://bugzilla.redhat.com/show_bug.cgi?id=2450715
- https://bugzilla.redhat.com/show_bug.cgi?id=2450718
- https://bugzilla.redhat.com/show_bug.cgi?id=2450719
- https://bugzilla.redhat.com/show_bug.cgi?id=2450720
- https://bugzilla.redhat.com/show_bug.cgi?id=2450721
- https://bugzilla.redhat.com/show_bug.cgi?id=2450722
- https://bugzilla.redhat.com/show_bug.cgi?id=2450723
- https://bugzilla.redhat.com/show_bug.cgi?id=2450724
- https://bugzilla.redhat.com/show_bug.cgi?id=2450725
- https://bugzilla.redhat.com/show_bug.cgi?id=2450726
- https://bugzilla.redhat.com/show_bug.cgi?id=2450727
- https://bugzilla.redhat.com/show_bug.cgi?id=2450728
- https://bugzilla.redhat.com/show_bug.cgi?id=2450729
- https://bugzilla.redhat.com/show_bug.cgi?id=2450730
- https://bugzilla.redhat.com/show_bug.cgi?id=2450732
- https://bugzilla.redhat.com/show_bug.cgi?id=2450733
- https://bugzilla.redhat.com/show_bug.cgi?id=2450734
- https://bugzilla.redhat.com/show_bug.cgi?id=2450735
- https://bugzilla.redhat.com/show_bug.cgi?id=2450738
- https://bugzilla.redhat.com/show_bug.cgi?id=2450739
- https://bugzilla.redhat.com/show_bug.cgi?id=2450740
- https://bugzilla.redhat.com/show_bug.cgi?id=2450741
- https://bugzilla.redhat.com/show_bug.cgi?id=2450742
- https://bugzilla.redhat.com/show_bug.cgi?id=2450744
- https://bugzilla.redhat.com/show_bug.cgi?id=2450746
- https://bugzilla.redhat.com/show_bug.cgi?id=2450747
- https://bugzilla.redhat.com/show_bug.cgi?id=2450748
- https://bugzilla.redhat.com/show_bug.cgi?id=2450751
- https://bugzilla.redhat.com/show_bug.cgi?id=2450752
- https://bugzilla.redhat.com/show_bug.cgi?id=2450755
- https://bugzilla.redhat.com/show_bug.cgi?id=2450756
- https://bugzilla.redhat.com/show_bug.cgi?id=2450757
- https://bugzilla.redhat.com/show_bug.cgi?id=2451001
- https://bugzilla.redhat.com/show_bug.cgi?id=2451006
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6188.json
- https://access.redhat.com/security/cve/CVE-2026-3889
- https://www.cve.org/CVERecord?id=CVE-2026-3889
- https://nvd.nist.gov/vuln/detail/CVE-2026-3889
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-3889
- https://access.redhat.com/security/cve/CVE-2026-4371
- https://www.cve.org/CVERecord?id=CVE-2026-4371
- https://nvd.nist.gov/vuln/detail/CVE-2026-4371
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4371
- https://access.redhat.com/security/cve/CVE-2026-4684
- https://www.cve.org/CVERecord?id=CVE-2026-4684
- https://nvd.nist.gov/vuln/detail/CVE-2026-4684
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4684
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4684
- https://access.redhat.com/security/cve/CVE-2026-4685
- https://www.cve.org/CVERecord?id=CVE-2026-4685
- https://nvd.nist.gov/vuln/detail/CVE-2026-4685
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4685
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4685
- https://access.redhat.com/security/cve/CVE-2026-4686
- https://www.cve.org/CVERecord?id=CVE-2026-4686
- https://nvd.nist.gov/vuln/detail/CVE-2026-4686
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4686
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4686
- https://access.redhat.com/security/cve/CVE-2026-4687
- https://www.cve.org/CVERecord?id=CVE-2026-4687
- https://nvd.nist.gov/vuln/detail/CVE-2026-4687
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4687
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4687
- https://access.redhat.com/security/cve/CVE-2026-4688
- https://www.cve.org/CVERecord?id=CVE-2026-4688
- https://nvd.nist.gov/vuln/detail/CVE-2026-4688
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4688
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4688
- https://access.redhat.com/security/cve/CVE-2026-4689
- https://www.cve.org/CVERecord?id=CVE-2026-4689
- https://nvd.nist.gov/vuln/detail/CVE-2026-4689
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4689
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4689
- https://access.redhat.com/security/cve/CVE-2026-4690
- https://www.cve.org/CVERecord?id=CVE-2026-4690
- https://nvd.nist.gov/vuln/detail/CVE-2026-4690
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4690
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4690
- https://access.redhat.com/security/cve/CVE-2026-4691
- https://www.cve.org/CVERecord?id=CVE-2026-4691
- https://nvd.nist.gov/vuln/detail/CVE-2026-4691
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4691
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4691
- https://access.redhat.com/security/cve/CVE-2026-4692
- https://www.cve.org/CVERecord?id=CVE-2026-4692
- https://nvd.nist.gov/vuln/detail/CVE-2026-4692
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4692
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4692
- https://access.redhat.com/security/cve/CVE-2026-4693
- https://www.cve.org/CVERecord?id=CVE-2026-4693
- https://nvd.nist.gov/vuln/detail/CVE-2026-4693
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4693
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4693
- https://access.redhat.com/security/cve/CVE-2026-4694
- https://www.cve.org/CVERecord?id=CVE-2026-4694
- https://nvd.nist.gov/vuln/detail/CVE-2026-4694
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4694
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4694
- https://access.redhat.com/security/cve/CVE-2026-4695
- https://www.cve.org/CVERecord?id=CVE-2026-4695
- https://nvd.nist.gov/vuln/detail/CVE-2026-4695
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4695
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4695
- https://access.redhat.com/security/cve/CVE-2026-4696
- https://www.cve.org/CVERecord?id=CVE-2026-4696
- https://nvd.nist.gov/vuln/detail/CVE-2026-4696
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4696
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4696
- https://access.redhat.com/security/cve/CVE-2026-4697
- https://www.cve.org/CVERecord?id=CVE-2026-4697
- https://nvd.nist.gov/vuln/detail/CVE-2026-4697
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4697
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4697
- https://access.redhat.com/security/cve/CVE-2026-4698
- https://www.cve.org/CVERecord?id=CVE-2026-4698
- https://nvd.nist.gov/vuln/detail/CVE-2026-4698
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4698
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4698
- https://access.redhat.com/security/cve/CVE-2026-4699
- https://www.cve.org/CVERecord?id=CVE-2026-4699
- https://nvd.nist.gov/vuln/detail/CVE-2026-4699
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4699
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4699
- https://access.redhat.com/security/cve/CVE-2026-4700
- https://www.cve.org/CVERecord?id=CVE-2026-4700
- https://nvd.nist.gov/vuln/detail/CVE-2026-4700
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4700
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4700
- https://access.redhat.com/security/cve/CVE-2026-4701
- https://www.cve.org/CVERecord?id=CVE-2026-4701
- https://nvd.nist.gov/vuln/detail/CVE-2026-4701
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4701
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4701
- https://access.redhat.com/security/cve/CVE-2026-4702
- https://www.cve.org/CVERecord?id=CVE-2026-4702
- https://nvd.nist.gov/vuln/detail/CVE-2026-4702
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4702
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4702
- https://access.redhat.com/security/cve/CVE-2026-4704
- https://www.cve.org/CVERecord?id=CVE-2026-4704
- https://nvd.nist.gov/vuln/detail/CVE-2026-4704
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4704
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4704
- https://access.redhat.com/security/cve/CVE-2026-4705
- https://www.cve.org/CVERecord?id=CVE-2026-4705
- https://nvd.nist.gov/vuln/detail/CVE-2026-4705
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4705
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4705
- https://access.redhat.com/security/cve/CVE-2026-4706
- https://www.cve.org/CVERecord?id=CVE-2026-4706
- https://nvd.nist.gov/vuln/detail/CVE-2026-4706
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4706
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4706
- https://access.redhat.com/security/cve/CVE-2026-4707
- https://www.cve.org/CVERecord?id=CVE-2026-4707
- https://nvd.nist.gov/vuln/detail/CVE-2026-4707
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4707
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4707
- https://access.redhat.com/security/cve/CVE-2026-4708
- https://www.cve.org/CVERecord?id=CVE-2026-4708
- https://nvd.nist.gov/vuln/detail/CVE-2026-4708
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4708
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4708
- https://access.redhat.com/security/cve/CVE-2026-4709
- https://www.cve.org/CVERecord?id=CVE-2026-4709
- https://nvd.nist.gov/vuln/detail/CVE-2026-4709
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4709
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4709
- https://access.redhat.com/security/cve/CVE-2026-4710
- https://www.cve.org/CVERecord?id=CVE-2026-4710
- https://nvd.nist.gov/vuln/detail/CVE-2026-4710
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4710
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4710
- https://access.redhat.com/security/cve/CVE-2026-4711
- https://www.cve.org/CVERecord?id=CVE-2026-4711
- https://nvd.nist.gov/vuln/detail/CVE-2026-4711
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4711
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4711
- https://access.redhat.com/security/cve/CVE-2026-4712
- https://www.cve.org/CVERecord?id=CVE-2026-4712
- https://nvd.nist.gov/vuln/detail/CVE-2026-4712
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4712
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4712
- https://access.redhat.com/security/cve/CVE-2026-4713
- https://www.cve.org/CVERecord?id=CVE-2026-4713
- https://nvd.nist.gov/vuln/detail/CVE-2026-4713
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4713
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4713
- https://access.redhat.com/security/cve/CVE-2026-4714
- https://www.cve.org/CVERecord?id=CVE-2026-4714
- https://nvd.nist.gov/vuln/detail/CVE-2026-4714
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4714
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4714
- https://access.redhat.com/security/cve/CVE-2026-4715
- https://www.cve.org/CVERecord?id=CVE-2026-4715
- https://nvd.nist.gov/vuln/detail/CVE-2026-4715
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4715
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4715
- https://access.redhat.com/security/cve/CVE-2026-4716
- https://www.cve.org/CVERecord?id=CVE-2026-4716
- https://nvd.nist.gov/vuln/detail/CVE-2026-4716
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4716
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4716
- https://access.redhat.com/security/cve/CVE-2026-4717
- https://www.cve.org/CVERecord?id=CVE-2026-4717
- https://nvd.nist.gov/vuln/detail/CVE-2026-4717
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4717
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4717
- https://access.redhat.com/security/cve/CVE-2026-4718
- https://www.cve.org/CVERecord?id=CVE-2026-4718
- https://nvd.nist.gov/vuln/detail/CVE-2026-4718
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4718
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4718
- https://access.redhat.com/security/cve/CVE-2026-4719
- https://www.cve.org/CVERecord?id=CVE-2026-4719
- https://nvd.nist.gov/vuln/detail/CVE-2026-4719
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4719
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4719
- https://access.redhat.com/security/cve/CVE-2026-4720
- https://www.cve.org/CVERecord?id=CVE-2026-4720
- https://nvd.nist.gov/vuln/detail/CVE-2026-4720
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4720
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4720
- https://access.redhat.com/security/cve/CVE-2026-4721
- https://www.cve.org/CVERecord?id=CVE-2026-4721
- https://nvd.nist.gov/vuln/detail/CVE-2026-4721
- https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2026-4721
- https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2026-4721