CVE Catalog

CVE-2026-0881

CriticalCVSS 10.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.31%

22th percentile - higher than 22% of all known CVEs

Summary

A sandbox escape vulnerability exists in the Messaging System component. This flaw was fixed in Firefox 147 and Thunderbird 147.

Risk Assessment

An attacker could break out of the sandbox, potentially leading to privilege escalation and full system compromise.

Recommendation

Immediately update Firefox and Thunderbird to version 147 or later.

Original NVD description (English source)

Sandbox escape in the Messaging System component. This vulnerability was fixed in Firefox 147 and Thunderbird 147.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS