7.5
CVE-2026-8966
- EPSS 0.33%
- Veröffentlicht 19.05.2026 12:30:11
- Zuletzt bearbeitet 20.05.2026 17:51:24
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
Information disclosure in the IP Protection component
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird SwEdition- Version < 151.0.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.248 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
https://www.mozilla.org/security/advisories/mfsa2026-46/
https://bugzilla.mozilla.org/show_bug.cgi?id=2025849
https://www.mozilla.org/security/advisories/mfsa2026-50/