Advisories » MGASA-2026-0036

Updated thunderbird packages fix security vulnerability

Publication date: 11 Feb 2026
Modification date: 11 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-0818

Description

CSS-based exfiltration of the content from partially encrypted emails
when allowing remote content. (CVE-2026-0818)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35100
• https://www.thunderbird.net/en-US/thunderbird/140.7.1esr/releasenotes/
• https://www.mozilla.org/en-US/security/advisories/mfsa2026-08/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0818

SRPMS

9/core

• thunderbird-140.7.1-1.mga9
• thunderbird-l10n-140.7.1-1.mga9