{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"HIGH" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"A use-after-free vulnerability exists in the Widget: Cocoa component of Mozilla Firefox and Thunderbird. The vulnerability stems from the program referencing memory after it has been freed. An attacker could exploit this vulnerability to cause the application to crash, read unexpected values, or execute arbitrary code, thereby affecting the confidentiality, integrity, and availability of the system. This vulnerability affects Firefox versions up to 149 and corresponding versions of Thunderbird.", "category":"general", "title":"Synopsis" } ], "publisher":null, "references":[ { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6759" }, { "summary":"CVE-2026-6759 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/cve/2026/csaf-openeuler-cve-2026-6759.json" }, { "summary":"openEuler-SA-2026-2109", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2109" }, { "summary":"CVE-2026-6759", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-6759&packageName=thunderbird" } ], "title":"openEuler cve CVE-2026-6759", "tracking":{ "initial_release_date":"2026-04-28T10:55:12+08:00", "revision_history":[ { "date":"2026-04-28T10:55:12+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2026-04-28T10:55:12+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2026-04-28T10:55:12+08:00", "id":"CVE-2026-6759", "version":"1.0.0", "status":"interim" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"openEuler-24.03-LTS-SP3", "name":"openEuler-24.03-LTS-SP3" }, "name":"openEuler-24.03-LTS-SP3", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64.rpm", "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64.rpm" }, "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-140.10.0-1.oe2403sp3.src.rpm", "name":"thunderbird-140.10.0-1.oe2403sp3.src.rpm" }, "name":"thunderbird-140.10.0-1.oe2403sp3.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP3" }, "product_id":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64.rpm", "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64.rpm" }, "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64", "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.aarch64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-140.10.0-1.oe2403sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-140.10.0-1.oe2403sp3.src", "name":"thunderbird-140.10.0-1.oe2403sp3.src as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-debuginfo-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-debugsource-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-librnp-rnp-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP3", "product_reference":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP3:thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64", "name":"thunderbird-wayland-140.10.0-1.oe2403sp3.x86_64 as a component of openEuler-24.03-LTS-SP3" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2026-6759", "notes":[ { "text":"A use-after-free vulnerability exists in the Widget: Cocoa component of Mozilla Firefox and Thunderbird. The vulnerability stems from the program referencing memory after it has been freed. An attacker could exploit this vulnerability to cause the application to crash, read unexpected values, or execute arbitrary code, thereby affecting the confidentiality, integrity, and availability of the system. This vulnerability affects Firefox versions up to 149 and corresponding versions of Thunderbird.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":{ "$ref":"$.vulnerabilities[0].product_status.fixed" } }, "remediations":[ { "product_ids":{ "$ref":"$.vulnerabilities[0].product_status.fixed" }, "details":"thunderbird security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2109" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.5, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":{ "$ref":"$.vulnerabilities[0].product_status.fixed" } } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2026-6759" } ] }