CVE-2026-4698

critical

Published 2026-03-26 · Modified 2026-04-15

CVSS v3

9.8

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2

—

VIR risk

9.8

Description

Important: thunderbird security update

Predictions

Exploit likelihood

97%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-6917.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:6917

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-6188.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2451006

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2451001

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2026-5930.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2026-5932.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450757

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450756

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450755

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450752

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450751

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450748

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450747

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450746

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450744

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450742

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450741

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450740

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450739

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450738

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450735

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450734

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450733

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450732

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450730

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450729

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450728

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450727

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450726

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450725

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450724

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450723

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450722

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450721

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450720

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450719

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450718

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450715

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450714

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450713

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450712

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450711

vendor Authored 2026-05-27

Vendor advisory: alma — https://bugzilla.redhat.com/2450710

vendor Authored 2026-05-27

Vendor advisory: alma — https://access.redhat.com/errata/RHSA-2026:5932

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2026-4698.html

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:5930

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:6188

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2026-4698

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://www.mozilla.org/security/advisories/mfsa2026-22/

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://www.mozilla.org/security/advisories/mfsa2026-21/

vendor Authored 2026-05-27

Vendor advisory: security@mozilla.org — https://www.mozilla.org/security/advisories/mfsa2026-20/

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:6188

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2026:5930

vendor Authored 2026-05-27

Vendor advisory: rocky — https://errata.rockylinux.org/RLSA-2026:5932

Mitigation details

Source: Red Hat Errata — Red Hat Inc. · View original ↗ · Open-Errata-API

Description firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component Red Hat statement Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux…

Description

firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component

Red Hat statement

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)

Errata / fixed releases

Product	Package	Advisory	Released
Red Hat Enterprise Linux 10	`firefox-0:140.9.0-1.el10_1`	RHSA-2026:5931	2026-03-26T00:00:00Z
Red Hat Enterprise Linux 10	`thunderbird-0:140.9.0-1.el10_1`	RHSA-2026:6342	2026-04-01T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`firefox-0:140.9.0-1.el10_0`	RHSA-2026:7843	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 10.0 Extended Update Support	`thunderbird-0:140.9.0-1.el10_0`	RHSA-2026:8315	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 7 Extended Lifecycle Support	`firefox-0:140.9.0-1.el7_9`	RHSA-2026:8427	2026-04-16T00:00:00Z
Red Hat Enterprise Linux 8	`firefox-0:140.9.0-1.el8_10`	RHSA-2026:5932	2026-03-26T00:00:00Z
Red Hat Enterprise Linux 8	`thunderbird-0:140.9.0-1.el8_10`	RHSA-2026:6917	2026-04-07T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support	`firefox-0:140.9.0-1.el8_2`	RHSA-2026:7840	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support	`thunderbird-0:140.9.0-1.el8_2`	RHSA-2026:8285	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	`firefox-0:140.9.0-1.el8_4`	RHSA-2026:7858	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	`thunderbird-0:140.9.0-1.el8_4`	RHSA-2026:8850	2026-04-20T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	`firefox-0:140.9.0-1.el8_4`	RHSA-2026:7858	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	`thunderbird-0:140.9.0-1.el8_4`	RHSA-2026:8850	2026-04-20T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	`firefox-0:140.9.0-1.el8_6`	RHSA-2026:7842	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	`thunderbird-0:140.9.0-1.el8_6`	RHSA-2026:8289	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service	`firefox-0:140.9.0-1.el8_6`	RHSA-2026:7842	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service	`thunderbird-0:140.9.0-1.el8_6`	RHSA-2026:8289	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	`firefox-0:140.9.0-1.el8_6`	RHSA-2026:7842	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	`thunderbird-0:140.9.0-1.el8_6`	RHSA-2026:8289	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 8.8 Telecommunications Update Service	`firefox-0:140.9.0-1.el8_8`	RHSA-2026:7838	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8.8 Telecommunications Update Service	`thunderbird-0:140.9.0-1.el8_8`	RHSA-2026:8288	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	`firefox-0:140.9.0-1.el8_8`	RHSA-2026:7838	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	`thunderbird-0:140.9.0-1.el8_8`	RHSA-2026:8288	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 9	`firefox-0:140.9.0-1.el9_7`	RHSA-2026:5930	2026-03-26T00:00:00Z
Red Hat Enterprise Linux 9	`thunderbird-0:140.9.0-1.el9_7`	RHSA-2026:6188	2026-03-30T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	`firefox-0:140.9.0-1.el9_0`	RHSA-2026:7839	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	`thunderbird-0:140.9.0-1.el9_0`	RHSA-2026:8286	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	`firefox-0:140.9.0-1.el9_2`	RHSA-2026:7841	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	`thunderbird-0:140.9.0-1.el9_2`	RHSA-2026:8287	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support	`firefox-0:140.9.0-1.el9_4`	RHSA-2026:7845	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support	`thunderbird-0:140.9.0-1.el9_4`	RHSA-2026:8290	2026-04-15T00:00:00Z
Red Hat Enterprise Linux 9.6 Extended Update Support	`firefox-0:140.9.0-1.el9_6`	RHSA-2026:7837	2026-04-13T00:00:00Z
Red Hat Enterprise Linux 9.6 Extended Update Support	`thunderbird-0:140.9.0-1.el9_6`	RHSA-2026:8284	2026-04-15T00:00:00Z

Package state

Product	Package	State
Red Hat Enterprise Linux 10	`rhel10/firefox-flatpak`	Affected
Red Hat Enterprise Linux 10	`rhel10/thunderbird-flatpak`	Affected
Red Hat Enterprise Linux 6	`firefox`	Out of support scope
Red Hat Enterprise Linux 6	`thunderbird`	Out of support scope
Red Hat Enterprise Linux 7	`thunderbird`	Out of support scope

Apply commands

bash fix

Apply RHSA-2026:5931 for Red Hat Enterprise Linux 10

yum update -y firefox
# or:
dnf upgrade -y firefox

Affected

Vendor	Product	Version
redhat	Red Hat Enterprise Linux 10	`Affected`
redhat	Red Hat Enterprise Linux 10	`Affected`

OS impact

OS	Version	Status	Fixed in
rocky	8	fixed
rhel	9	fixed
debian	sid	fixed	`149.0-1`
debian	bookworm	fixed	`140.9.0esr-1~deb12u1`
debian	bullseye	fixed	`140.9.0esr-1~deb11u1`
debian	forky	fixed	`140.9.0esr-1`
debian	trixie	fixed	`140.9.0esr-1~deb13u1`
rocky	9	fixed
sles		affected

Application impact

Vendor	Product	Versions	Fixed
mozilla	firefox	`{"endExcluding":"115.34.0"}`	`115.34.0`

References

CWEs

CWE-843

Verify integrity in audit chain (admin only). AS-IS.