Perhaps update to version 128. Or just the next point release, the 115 releases went to 115.14. I have a particular hatred of third party applications that enforce updates. They oh so often go badly wrong. I can not tell you which version your specific vulnerability was fixed in, as you do not identify what it is. There are vulnerabilities fixed in just about every point release. It is for this reason the development folks are so keen for people to actually remain up to date with releases instead of hanging on to older versions. Here is a link to known vulnerabilities and which version they were fixed in. https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/