CVE-2026-4371

Published: Mar 24, 2026Modified: Apr 13, 2026

7.4

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Exploitability: 2.2 / Impact: 5.2

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9.

Affected (2)

Products: Mozilla: Thunderbird

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Mozilla Thunderbird	Before 149.0
Mozilla Thunderbird	Before 140.9.0

Related CWEs

Buffer Over-read

The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References (3)

https://bugzilla.mozilla.org/show_bug.cgi?id=2023493

Source: security@mozilla.org

Permissions Required

https://www.mozilla.org/security/advisories/mfsa2026-23/

Source: security@mozilla.org

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2026-24/

Source: security@mozilla.org

Vendor Advisory

Timeline

No history available yet.