PT-2026-27409 · Mozilla+1 · Thunderbird+3

Josh Aas

Publicado

2026-01-01

Atualizado

2026-04-17

CVE-2026-4711

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9

Description A use-after-free issue exists in the Widget: Cocoa component. This can potentially lead to unexpected behavior or crashes.

Recommendations Update Firefox to version 149 or later. Update Firefox ESR to version 140.9 or later. Update Thunderbird to version 149 or later. Update Thunderbird to version 140.9 or later.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALSA-2026:5930

ALSA-2026:5931

ALSA-2026:5932

ALSA-2026:6188

ALSA-2026:6342

ALSA-2026:6917

CVE-2026-4711

MGASA-2026-0080

MGASA-2026-0081

OESA-2026-1705

OESA-2026-1706

OESA-2026-1707

OESA-2026-1708

OESA-2026-1709

OESA-2026-1993

OESA-2026-1994

OPENSUSE-SU-2026:10413-1

OPENSUSE-SU-2026:10447-1

OPENSUSE-SU-2026:10458-1

OPENSUSE-SU-2026:20439-1

RHSA-2026:5930

RHSA-2026:5931

RHSA-2026:5932

RHSA-2026:6188

RHSA-2026:6342

RHSA-2026:6917

RHSA-2026:7837

RHSA-2026:7838

RHSA-2026:7839

RHSA-2026:7840

RHSA-2026:7841

RHSA-2026:7842

RHSA-2026:7843

RHSA-2026:7845

RHSA-2026:7858

RHSA-2026:8284

RHSA-2026:8285

RHSA-2026:8286

RHSA-2026:8287

RHSA-2026:8288

RHSA-2026:8289

RHSA-2026:8290

RHSA-2026:8315

RHSA-2026:8427

RHSA-2026:8850

SUSE-SU-2026:1126-1

SUSE-SU-2026:1127-1

SUSE-SU-2026:1163-1

SUSE-SU-2026:20978-1

Produtos afetados

Firefox

Firefox Esr

Rocky Linux

Thunderbird

PT-2026-27409 · Mozilla+1 · Thunderbird+3

CVE-2026-4711

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 251