CVE-2026-8950 | Mozilla Firefox up to 140.10/150 HTTP cross-domain policy

A vulnerability identified as critical has been detected in Mozilla Firefox up to 140.10/150. The affected element is an unknown function of the component HTTP Component. The manipulation leads to permissive cross-domain policy with untrusted domains.

This vulnerability is uniquely identified as CVE-2026-8950. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More