CVE-2025-2817 — Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privile — CVE Database · The Intelligence Room