VIR Vulnerability Intelligence Relay

CVE-2026-8953

critical
Published 2026-05-27 Β· Modified 2026-06-03
πŸ’¬ Discuss on Community ✚ Propose mitigation
CVSS v3
9.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVSS v4 NEW
β€”
not yet in upstream
VIR risk
9.6

Description

Important: thunderbird security update

Predictions

Exploit likelihood
96%
Patch ETA
β€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

Mitigation details

Source: Red Hat Errata β€” Red Hat Inc. Β· View original β†— Β· Open-Errata-API

Description firefox: Sandbox escape due to use-after-free in the Disability Access APIs component Red Hat statement Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. CVSS v3: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux…

Description

firefox: Sandbox escape due to use-after-free in the Disability Access APIs component

Red Hat statement

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

CVSS v3: 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

Errata / fixed releases

ProductPackageAdvisoryReleased
Red Hat Enterprise Linux 10firefox-0:140.11.0-1.el10_2RHSA-2026:213802026-05-27T00:00:00Z
Red Hat Enterprise Linux 10thunderbird-0:140.11.0-1.el10_2RHSA-2026:223252026-06-01T00:00:00Z
Red Hat Enterprise Linux 8firefox-0:140.11.0-1.el8_10RHSA-2026:213822026-05-27T00:00:00Z
Red Hat Enterprise Linux 8thunderbird-0:140.11.0-1.el8_10RHSA-2026:226432026-06-03T00:00:00Z
Red Hat Enterprise Linux 9firefox-0:140.11.0-1.el9_8RHSA-2026:213782026-05-27T00:00:00Z
Red Hat Enterprise Linux 9thunderbird-0:140.11.0-1.el9_8RHSA-2026:213812026-05-27T00:00:00Z

Package state

ProductPackageState
Red Hat Enterprise Linux 10rhel10/firefox-flatpakAffected
Red Hat Enterprise Linux 10rhel10/thunderbird-flatpakAffected
Red Hat Enterprise Linux 6firefoxOut of support scope
Red Hat Enterprise Linux 6thunderbirdOut of support scope
Red Hat Enterprise Linux 7firefoxAffected
Red Hat Enterprise Linux 7thunderbirdOut of support scope

Apply commands

bash fix
Apply RHSA-2026:21380 for Red Hat Enterprise Linux 10
yum update -y firefox
# or:
dnf upgrade -y firefox

Affected

VendorProductVersion
redhatRed Hat Enterprise Linux 10Affected
redhatRed Hat Enterprise Linux 10Affected
redhatRed Hat Enterprise Linux 7Affected

OS impact
suse SUSE Affected 1 release
VersionStatusFixed in
β€” Affected β€”
almalinux AlmaLinux Fixed 2 releases
VersionStatusFixed in
9 Fixed firefox-x11-140.11.0-1.el9_8.alma.1.ppc64le.rpm
8 Fixed firefox-140.11.0-1.el8_10.alma.1.aarch64.rpm
debian Debian Fixed 5 releases
VersionStatusFixed in
trixie Fixed 140.11.0esr-1~deb13u1
sid Fixed 151.0-1
forky Fixed 140.11.0esr-1
bullseye Fixed 140.11.0esr-1~deb11u1
bookworm Fixed 140.11.0esr-1~deb12u1
redhat Red Hat Fixed 2 releases
VersionStatusFixed in
9 Fixed β€”
8 Fixed β€”

Application impact
VendorProductVersionsFixed
mozilla mozillafirefox{"endExcluding":"115.36.0"}115.36.0
mozilla mozillathunderbird{"endExcluding":"140.11"}140.11

References

CWEs

CWE-416

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.