CVE-2026-0818 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2026-0818 Interim 1 1 2026-03-05T00:19:54Z current 2026-03-05T00:19:54Z 2026-03-05T00:19:54Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2026-0818 When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If the user had additionally allowed loading of the remote content referenced by the outer email message, and the email was crafted by the sender using a combination of CSS rules and fonts and animations, then it was possible to extract the secret contents of the email. This vulnerability affects Thunderbird < 147.0.1 and Thunderbird < 140.7.1. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2026-February/024060.html E-Mail link for SUSE-SU-2026:0388-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Workstation Extension 15 SP7 SUSE Linux Enterprise Module for Package Hub 15 SP7 SUSE Linux Enterprise Workstation Extension 15 SP7 SUSE Linux Enterprise Workstation Extension 15 SP7 openSUSE Leap 15.6 openSUSE Tumbleweed MozillaThunderbird-140.7.1-1.1 MozillaThunderbird-140.7.1-150200.8.254.1 MozillaThunderbird-openpgp-librnp-140.7.1-1.1 MozillaThunderbird-translations-common-140.7.1-1.1 MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 MozillaThunderbird-translations-other-140.7.1-1.1 MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 MozillaThunderbird-140.7.1-150200.8.254.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP7 MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP7 MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP7 MozillaThunderbird-140.7.1-150200.8.254.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP7 MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP7 MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP7 MozillaThunderbird-140.7.1-150200.8.254.1 as a component of openSUSE Leap 15.6 MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 as a component of openSUSE Leap 15.6 MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 as a component of openSUSE Leap 15.6 MozillaThunderbird-140.7.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-openpgp-librnp-140.7.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-common-140.7.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-other-140.7.1-1.1 as a component of openSUSE Tumbleweed When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were rendered in a context in which the CSS styles from the outer messages were active. If the user had additionally allowed loading of the remote content referenced by the outer email message, and the email was crafted by the sender using a combination of CSS rules and fonts and animations, then it was possible to extract the secret contents of the email. This vulnerability affects Thunderbird < 147.0.1 and Thunderbird < 140.7.1. CVE-2026-0818 SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-140.7.1-150200.8.254.1 SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 SUSE Linux Enterprise Module for Package Hub 15 SP7:MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-140.7.1-150200.8.254.1 SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 SUSE Linux Enterprise Workstation Extension 15 SP7:MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 openSUSE Leap 15.6:MozillaThunderbird-140.7.1-150200.8.254.1 openSUSE Leap 15.6:MozillaThunderbird-translations-common-140.7.1-150200.8.254.1 openSUSE Leap 15.6:MozillaThunderbird-translations-other-140.7.1-150200.8.254.1 openSUSE Tumbleweed:MozillaThunderbird-140.7.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-openpgp-librnp-140.7.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-common-140.7.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-other-140.7.1-1.1 moderate 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N