CVE-2026-7323

high

Published 2026-05-19 · Modified 2026-05-26

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

7.3

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CVSS v4 NEW

—

not yet in upstream

VIR risk

7.3

Description

Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.

Predictions

Exploit likelihood

82%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · View original ↗ · Open-Errata-API

Description firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 Red Hat statement Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux…

Description

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1

Red Hat statement

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)

Errata / fixed releases

Product	Package	Advisory	Released
Red Hat Enterprise Linux 10	`thunderbird-0:140.10.1-1.el10_2`	RHSA-2026:19153	2026-05-19T00:00:00Z
Red Hat Enterprise Linux 10	`firefox-0:140.10.1-1.el10_2`	RHSA-2026:19157	2026-05-19T00:00:00Z
Red Hat Enterprise Linux 8	`firefox-0:140.10.1-1.el8_10`	RHSA-2026:19588	2026-05-20T00:00:00Z
Red Hat Enterprise Linux 8	`thunderbird-0:140.10.1-1.el8_10`	RHSA-2026:20586	2026-05-26T00:00:00Z
Red Hat Enterprise Linux 9	`thunderbird-0:140.10.1-1.el9_8`	RHSA-2026:19348	2026-05-19T00:00:00Z
Red Hat Enterprise Linux 9	`firefox-0:140.10.1-1.el9_8`	RHSA-2026:19370	2026-05-19T00:00:00Z

Package state

Product	Package	State
Red Hat Enterprise Linux 10	`rhel10/firefox-flatpak`	Affected
Red Hat Enterprise Linux 10	`rhel10/thunderbird-flatpak`	Affected
Red Hat Enterprise Linux 6	`firefox`	Out of support scope
Red Hat Enterprise Linux 6	`thunderbird`	Out of support scope
Red Hat Enterprise Linux 7	`firefox`	Affected
Red Hat Enterprise Linux 7	`thunderbird`	Out of support scope

Apply commands

bash fix

Apply RHSA-2026:19153 for Red Hat Enterprise Linux 10

yum update -y thunderbird
# or:
dnf upgrade -y thunderbird

Affected

Vendor	Product	Version
redhat	Red Hat Enterprise Linux 10	`Affected`
redhat	Red Hat Enterprise Linux 10	`Affected`
redhat	Red Hat Enterprise Linux 7	`Affected`

OS impact

AlmaLinux Fixed 1 release

Version	Status	Fixed in
9	Fixed	`thunderbird-140.10.1-1.el9_8.alma.1.x86_64.rpm`

Debian Fixed 5 releases

Version	Status	Fixed in
trixie	Fixed	`140.10.1esr-1~deb13u1`
sid	Fixed	`150.0.1-1`
forky	Fixed	`140.10.1esr-1`
bullseye	Fixed	`140.10.1esr-1~deb11u1`
bookworm	Fixed	`140.10.1esr-1~deb12u1`

Red Hat Fixed 2 releases

Version	Status	Fixed in
9	Fixed	—
8	Fixed	—

Application impact

Vendor	Product	Versions	Fixed
mozilla	firefox	`{"endExcluding":"140.10.1"}`	`140.10.1`
mozilla	thunderbird	`{"endExcluding":"140.10.1"}`	`140.10.1`
mozilla	firefox	`{"endExcluding":"140.10.1"}`	`140.10.1`
mozilla	thunderbird	`{"endExcluding":"140.10.1"}`	`140.10.1`

References

CWEs

CWE-119 CWE-787

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.