Home / mailingsPDF  

[USN-7991-1] Thunderbird vulnerabilities

Posted on 03 February 2026
Ubuntu Security

==========================================================================Ubuntu Security Notice USN-7991-1
February 02, 2026

thunderbird vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
thunderbird 1:140.7.1+build1-0ubuntu0.22.04.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7991-1
CVE-2024-10460, CVE-2024-10461, CVE-2024-10462, CVE-2024-10464,
CVE-2024-10465, CVE-2024-10466, CVE-2024-10467, CVE-2024-10468,
CVE-2024-50336, CVE-2024-9396, CVE-2024-9397, CVE-2024-9398,
CVE-2024-9399, CVE-2024-9400, CVE-2024-9402, CVE-2024-9403,
CVE-2025-0237, CVE-2025-0239, CVE-2025-0240, CVE-2025-0241,
CVE-2025-0243, CVE-2025-0247, CVE-2025-1018, CVE-2025-1019,
CVE-2025-1020, CVE-2025-10527, CVE-2025-10528, CVE-2025-10529,
CVE-2025-10532, CVE-2025-10533, CVE-2025-10536, CVE-2025-10537,
CVE-2025-11708, CVE-2025-11709, CVE-2025-11710, CVE-2025-11711,
CVE-2025-11712, CVE-2025-11713, CVE-2025-11714, CVE-2025-11715,
CVE-2025-13012, CVE-2025-13013, CVE-2025-13014, CVE-2025-13015,
CVE-2025-13016, CVE-2025-13017, CVE-2025-13018, CVE-2025-13019,
CVE-2025-13020, CVE-2025-14321, CVE-2025-14322, CVE-2025-14323,
CVE-2025-14324, CVE-2025-14325, CVE-2025-14327, CVE-2025-14328,
CVE-2025-14329, CVE-2025-14330, CVE-2025-14331, CVE-2025-1942,
CVE-2025-1943, CVE-2025-3031, CVE-2025-3032, CVE-2025-3034,
CVE-2025-4085, CVE-2025-4088, CVE-2025-4089, CVE-2025-4092,
CVE-2025-5270, CVE-2025-5271, CVE-2025-5272, CVE-2025-5283,
CVE-2025-6427, CVE-2025-6432, CVE-2025-6433, CVE-2025-6434,
CVE-2025-6435, CVE-2025-6436, CVE-2025-8027, CVE-2025-8028,
CVE-2025-8029, CVE-2025-8030, CVE-2025-8031, CVE-2025-8032,
CVE-2025-8033, CVE-2025-8034, CVE-2025-8035, CVE-2025-8036,
CVE-2025-8037, CVE-2025-8038, CVE-2025-8039, CVE-2025-8040,
CVE-2025-9179, CVE-2025-9180, CVE-2025-9181, CVE-2025-9182,
CVE-2025-9184, CVE-2025-9185, CVE-2026-0818, CVE-2026-0877,
CVE-2026-0878, CVE-2026-0879, CVE-2026-0880, CVE-2026-0882,
CVE-2026-0883, CVE-2026-0884, CVE-2026-0885, CVE-2026-0886,
CVE-2026-0887, CVE-2026-0890, CVE-2026-0891

Package Information:
https://launchpad.net/ubuntu/+source/thunderbird/1:140.7.1+build1-0ubuntu0.22.04.1

--===============7945161790413509443==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

 

TOP

Mailings :

Exploits :