Vulnerability in Mozilla Thunderbird
CVE-2026-57962
A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of attacker-supplied data into the Thunderbird LDAP client until it crashes due to memory exhaustio…
Affected products
- Mozilla Thunderbird — versions 140.12.1, 152.0.1