High7.5Red Hat & Ubuntu Linux
Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
CVE-2026-2793 Published Feb 24, 2026
CVE-2026-2793
Affected products & platforms
Red Hat & Ubuntu LinuxUnclassified
Summary
Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Red Hat rates this important (CVSS 7.5). Affected package(s): thunderbird, firefox. Resolved in Red Hat advisory RHSA-2026:3984 — update the affected packages (`sudo dnf update`).
Affected versions
- thunderbird-0:140.8.0-1.el9_0
- thunderbird-0:140.8.0-1.el8_6
- thunderbird-0:140.8.0-1.el9_6
- thunderbird-0:140.8.0-1.el8_8
- thunderbird-0:140.8.0-1.el9_7
- thunderbird-0:140.8.0-1.el8_2
- thunderbird-0:140.8.0-1.el9_2
- thunderbird-0:140.8.0-1.el9_4
- thunderbird-0:140.8.0-1.el8_10
- firefox-0:140.8.0-2.el8_2
- firefox-0:140.8.0-2.el9_0
- firefox-0:140.8.0-2.el8_4
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Fixed versions
- RHSA-2026:3984
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Update the affected package(s) to the fixed version shipped in RHSA-2026:3984 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 6 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.