Vulnerability Details CVE-2026-12290
Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 5.1%
CVSS Severity
CVSS v3 Score 8.1
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=2024852
- https://www.mozilla.org/security/advisories/mfsa2026-57/
- https://www.mozilla.org/security/advisories/mfsa2026-58/
- https://www.mozilla.org/security/advisories/mfsa2026-59/
- https://www.mozilla.org/security/advisories/mfsa2026-60/
- https://www.mozilla.org/security/advisories/mfsa2026-61/