Alert GCSA-26069 - Aggiornamento di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-26069
Data: 22 Aprile 2026
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Sono state riscontrate vulnerabilita' multiple nei prodotti Mozilla,
che potrebbero consentire ad un attaccante remoto l'esecuzione di codice arbitrario,
l'innalzamento dei privilegi, spoofing, oltrepassare restrizioni di sicurezza
ed innescare condizioni di Denial of Service su un sistema affetto.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 150
Firefox ESR versioni precedenti alla 115.35
Firefox ESR versioni precedenti alla 140.10
Thunderbird versioni precedenti alla 140.10
Thunderbird versioni precedenti alla 150
:: Impatto
Denial of Service
Remote Code Execution
Information Disclosure
Security Restriction Bypass
Elevation of Privilege
Spoofing
:: Soluzioni
Aggiornare Firefox all'ultima versione
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-31/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-33/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6756
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6759
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6768
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6770
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6771
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6774
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6776
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6780
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6783
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6784
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6785
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6786
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iFwEAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaeh9JgAKCRDBnEyTZRJg
QrVZAJiJw4aPcy/wCeXrSLmSARR8lgIYAKCc4oN1H0RFJ+R1rFiIPiIP8501jw==
=lPj9
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-26069
Data: 22 Aprile 2026
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Sono state riscontrate vulnerabilita' multiple nei prodotti Mozilla,
che potrebbero consentire ad un attaccante remoto l'esecuzione di codice arbitrario,
l'innalzamento dei privilegi, spoofing, oltrepassare restrizioni di sicurezza
ed innescare condizioni di Denial of Service su un sistema affetto.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 150
Firefox ESR versioni precedenti alla 115.35
Firefox ESR versioni precedenti alla 140.10
Thunderbird versioni precedenti alla 140.10
Thunderbird versioni precedenti alla 150
:: Impatto
Denial of Service
Remote Code Execution
Information Disclosure
Security Restriction Bypass
Elevation of Privilege
Spoofing
:: Soluzioni
Aggiornare Firefox all'ultima versione
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-31/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-33/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-34/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6748
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6755
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6756
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6759
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6764
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6766
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6768
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6770
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6771
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6774
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6776
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6780
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6781
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6783
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6784
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6785
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6786
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iFwEAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaeh9JgAKCRDBnEyTZRJg
QrVZAJiJw4aPcy/wCeXrSLmSARR8lgIYAKCc4oN1H0RFJ+R1rFiIPiIP8501jw==
=lPj9
-----END PGP SIGNATURE-----