Alert GCSA-26078 - Aggiornamento di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-26078
Data: 11 Maggio 2026
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Sono state riscontrate vulnerabilita' multiple nei prodotti Mozilla,
che potrebbero consentire ad un attaccante remoto di eseguire
codice arbitrario ed innescare condizioni di Denial of Service su un sistema affetto.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 150.0.2
Firefox ESR versioni precedenti alla 115.35.2
Firefox ESR versioni precedenti alla 140.10.2
Thunderbird versioni precedenti alla 140.10.2
Thunderbird versioni precedenti alla 150.0.2
:: Impatto
Remote Code Execution
Denial of Service
:: Soluzioni
Aggiornare Firefox all'ultima versione
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-40/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-41/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-42/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-43/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-44/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8090
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8091
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8092
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8094
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCagF/SAAKCRDBnEyTZRJg
QgRzAJ99Q4bxZ4ztA2MkohVbFDZO+YATmQCfdhljbynDbW/rlMV2WAvEDsX4yEc=
=//E/
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-26078
Data: 11 Maggio 2026
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Sono state riscontrate vulnerabilita' multiple nei prodotti Mozilla,
che potrebbero consentire ad un attaccante remoto di eseguire
codice arbitrario ed innescare condizioni di Denial of Service su un sistema affetto.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 150.0.2
Firefox ESR versioni precedenti alla 115.35.2
Firefox ESR versioni precedenti alla 140.10.2
Thunderbird versioni precedenti alla 140.10.2
Thunderbird versioni precedenti alla 150.0.2
:: Impatto
Remote Code Execution
Denial of Service
:: Soluzioni
Aggiornare Firefox all'ultima versione
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-40/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-41/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-42/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-43/
https://www.mozilla.org/en-US/security/advisories/mfsa2026-44/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8090
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8091
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8092
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8093
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8094
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCagF/SAAKCRDBnEyTZRJg
QgRzAJ99Q4bxZ4ztA2MkohVbFDZO+YATmQCfdhljbynDbW/rlMV2WAvEDsX4yEc=
=//E/
-----END PGP SIGNATURE-----