Thunderbird
This hub aggregates every CVE we track for Thunderbird, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
1,896
CVEs tracked
641
Critical
583
High
14
In CISA KEV
Severity distribution
MEDIUM646CRITICAL641HIGH583LOW26
Monthly trend
15
10
9
23
17
0
9
13
13
24
16
12
16
7
10
11
16
13
17
51
47
50
37
42
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Thunderbird.
- CVE-2026-12330Incorrect boundary conditions in the Internationalization component5.4
- CVE-2026-12329Memory safety bug fixed in Thunderbird ESR 140.125.3
- CVE-2026-12328Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 1528.1
- CVE-2026-12327Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 1528.1
- CVE-2026-12326Memory safety bugs fixed in Firefox 152 and Thunderbird 1528.1
- CVE-2026-12325Denial-of-service in the Graphics: ImageLib component6.5
- CVE-2026-12324Incorrect boundary conditions in the Graphics: CanvasWebGL component7.3
- CVE-2026-12323Spoofing issue in the DOM: Core & HTML component5.4
- CVE-2026-12322Clickjacking issue in the Widget: Gtk component5.4
- CVE-2026-12321JIT miscompilation in the JavaScript: WebAssembly component5.4
- CVE-2026-12320Information disclosure in the Password Manager component4.3
- CVE-2026-12319Denial-of-service in the Audio/Video: Playback component6.5
- CVE-2026-12318Incorrect boundary conditions in the Libraries component in NSS7.3
- CVE-2026-12317Memory safety bug fixed in Firefox 1527.5
- CVE-2026-12316Mitigation bypass in the DOM: Security component9.1
Product normalization is registry-driven with AI assist and human review. How it works