CVE ID :CVE-2026-4371 Published : March 24, 2026, 9:16 p.m. | 1 hour, 4 minutes ago Description :A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...