Fluid Attacks Database

Description

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel6	thunderbird	-	-
rpm rhel9	thunderbird	<0:140.11.0-1.el9_8	0:140.11.0-1.el9_8
rpm rhel10	thunderbird	<0:140.11.0-1.el10_2	0:140.11.0-1.el10_2
rpm rhel7	thunderbird	-	-
rpm rhel8	thunderbird	<0:140.11.0-1.el8_10	0:140.11.0-1.el8_10
rpm rhel10	thunderbird-flatpak	-	-

Aliases

1. CVE-2026-89592. NVD-2026-89593. OSV-2026-8959

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.