Red Hat Product Security issued an advisory (RHSA-2025:13648) for Mozilla Thunderbird addressing nine security vulnerabilities (CVE-2025-8027, CVE-2025-8028, CVE-2025-8029, CVE-2025-8030, CVE-2025-8031, CVE-2025-8032, CVE-2025-8033, CVE-2025-8034, CVE-2025-8035). The issues include large branch table truncation, multiple memory safety bugs, incorrect URL stripping in CSP reports, partial return value writes in the JavaScript engine, potential user-assisted code execution via the 'Copy as cURL' command, incorrect JavaScript state machine handling for generators, XSLT documents bypassing CSP, and execution of javascript: URLs on object/embed tags. The advisory covers Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions and Extended Life Cycle variants across multiple architectures. Updated Thunderbird packages (version 128.13.0-3.el9_2) are available to address these vulnerabilities.

The vulnerabilities collectively pose risks including memory safety errors that could lead to crashes or code execution, bypassing of security policies such as CSP, and potential user-assisted code execution. These issues could allow attackers to execute arbitrary code or bypass security restrictions within the Thunderbird mail client environment. The advisory rates the security impact as Important (high severity). No known exploits in the wild have been reported at the time of this advisory.

Red Hat has released updated Thunderbird packages for Red Hat Enterprise Linux 9.2 and related variants that address these vulnerabilities. Users should apply the provided security update (thunderbird-128.13.0-3.el9_2) as soon as possible to remediate the issues. Detailed update instructions are available at https://access.redhat.com/articles/11258. No additional mitigation steps are specified beyond applying the official update.