Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN178
_____________________________________________________________________

DATE                : 17/02/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Thunderbird versions prior
                                 to 147.0.2, 140.7.2.

=====================================================================
https://www.mozilla.org/en-US/security/advisories/mfsa2026-11/
_____________________________________________________________________


Mozilla Foundation Security Advisory 2026-11
Security Vulnerabilities fixed in Thunderbird 147.0.2 and 140.7.2


Announced    February 16, 2026
Impact       high
Products     Thunderbird
Fixed in
        Thunderbird 140.7.2
        Thunderbird 147.0.2


In general, these flaws cannot be exploited through email in the 
Thunderbird product because scripting is disabled when reading mail, 
but are potentially risks in browser or browser-like contexts.


#CVE-2026-2447: Heap buffer overflow in libvpx

Reporter     jayjayjazz
Impact       high


References

    Bug 2014390


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================