Vulnerability in Mozilla Thunderbird
CVE-2026-3889
Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9.
EPSS: 0.000 (10.3th percentile) — read the EPSS interpretation.
Affected products
- Mozilla Thunderbird — versions 140.9, 149