216.73.217.64

CVE-2025-26696

· Published 10/03/2025 19:15 · Modified 03/04/2025 13:30

Labels: CVE-2025-26696 2025-03-10CVE-2025-26696CWE-290[email protected]

Essential information

Published
10/03/2025 19:15
Modified
03/04/2025 13:30
Author
Creator
CVSS
7.0 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

CVSS metrics

Description

Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. This vulnerability affects Thunderbird < 136 and Thunderbird < 128.8.

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
mozilla / thunderbird cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
mozilla / thunderbird cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

References