Search CVE reports

Toggle filters

271 – 280 of 2489 results

CVE-2026-24515

Medium priority

Some fixes available 12 of 73

In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.

23 affected packages

apache2, apr-util, ayttm, cableswig, cadaver...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
apache2 Not affected Not affected Not affected Not affected Not affected
apr-util Not affected Not affected Not affected Not affected Not affected
ayttm Not in release Not in release Not in release
cableswig Not in release Not in release Not in release
cadaver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
cmake Not affected Not affected Not affected Not affected Not affected
coin3 Not affected Not affected Not affected Not affected Needs evaluation
expat Not affected Fixed Fixed Fixed Fixed
firefox Not affected Not affected Not affected
gdcm Not affected Not affected Not affected Not affected Needs evaluation
ghostscript Not affected Not affected Not affected Not affected Not affected
insighttoolkit4 Not in release Not in release Needs evaluation Needs evaluation Needs evaluation
libxmltok Not in release Fixed Fixed Fixed Fixed
matanza Ignored Ignored Ignored Ignored Needs evaluation
smart Not in release Not in release Not in release Needs evaluation
swish-e Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tdom Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texlive-bin Not affected Not affected Not affected Not affected Not affected
thunderbird Not affected Not affected Not affected
vnc4 Not in release Not in release Not in release Needs evaluation
vtk Not in release Not in release Not in release
wbxml2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
xmlrpc-c Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 23 packages Show less packages

CVE-2026-0892

Medium priority
Needs evaluation

Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
thunderbird Not affected Not affected Not affected
Show all 9 packages Show less packages

CVE-2026-0891

Medium priority

Some fixes available 1 of 11

Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
thunderbird Not affected Not affected Fixed
Show all 9 packages Show less packages

CVE-2026-0890

Medium priority

Some fixes available 1 of 11

Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
thunderbird Not affected Not affected Fixed
Show all 9 packages Show less packages

CVE-2026-0889

Medium priority
Not affected

Denial-of-service in the DOM: Service Workers component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.

2 affected packages

firefox, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Not affected
Show less packages

CVE-2026-0888

Medium priority
Not affected

Information disclosure in the XML component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.

2 affected packages

firefox, thunderbird

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected
thunderbird Not affected Not affected
Show less packages

CVE-2026-0887

Medium priority

Some fixes available 1 of 11

Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
thunderbird Not affected Not affected Fixed
Show all 9 packages Show less packages

CVE-2026-0886

Medium priority

Some fixes available 1 of 11

Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
thunderbird Not affected Not affected Fixed
Show all 9 packages Show less packages

CVE-2026-0885

Medium priority

Some fixes available 1 of 11

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
thunderbird Not affected Not affected Fixed
Show all 9 packages Show less packages

CVE-2026-0884

Medium priority

Some fixes available 1 of 11

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7.

9 affected packages

firefox, mozjs102, mozjs115, mozjs38, mozjs52...

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
firefox Not affected Not affected Not affected
mozjs102 Not in release Ignored Ignored
mozjs115 Not in release Ignored Not in release
mozjs38 Not in release Not in release Not in release Needs evaluation
mozjs52 Not in release Not in release Not in release Ignored Ignored
mozjs68 Not in release Not in release Not in release Ignored
mozjs78 Not in release Not in release Ignored
mozjs91 Not in release Not in release Ignored
thunderbird Not affected Not affected Fixed
Show all 9 packages Show less packages
  1. Previous page
  2. 26
  3. 27
  4. 28
  5. 29
  6. 30
  7. Next page
Export to JSON