{connection_id}) allows any authenticated user holding the Connection-read permission to retrieve plaintext secrets stored in a Connection's extra JSON blob, provided those credential field names - such as slack_webhook_url, bearer, dsn, auth_header, and service_key - were absent from the DEFAULT_SENSITIVE_FIELDS redaction allowlist prior to version 3.2.2. All Airflow deployments before 3.2.2 that store credentials inline in Connection extra fields and grant Connection-read access to more than one user are exposed to lateral credential theft within the platform. No public exploit code or active exploitation has been identified at time of analysis; however, the network-accessible vector and high confidentiality impact make this a meaningful priority in shared or multi-tenant Airflow environments.
Unauthorized access to form submissions in Nextcloud Forms prior to version 5.2.6 allows any authenticated user to read survey or form responses submitted by other users. The root cause is a missing authorization check in the `getSubmission` API endpoint (`ApiController.php`), which failed to verify whether the requesting user held the PERMISSION_RESULTS privilege or was the original submitter. With a CVSS score of 6.5 (Medium) and no public exploit identified at time of analysis, real-world risk is bounded by the requirement for an authenticated session, but the confidentiality impact is rated High given unrestricted access to potentially sensitive form response data.
Missing authorization in the GeoDirectory WordPress plugin (through v2.8.157) permits unauthenticated remote attackers to invoke privileged plugin operations without any credential requirement, resulting in partial integrity and availability impact on directory listings. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms low-complexity, network-accessible exploitation requiring no user interaction, reported by Patchstack under the 'Authentication Bypass' tag. No public exploit code or CISA KEV listing has been identified at time of analysis, placing this in a moderate-priority patch tier for any WordPress deployment running a public-facing GeoDirectory instance.
Stored XSS in the myCred WordPress plugin (versions through 3.0.4) enables authenticated low-privileged attackers to persistently inject malicious scripts into web pages served by the application. When a victim - such as an administrator - subsequently visits an affected page, the stored payload executes within their browser session in the context of the WordPress origin, enabling session hijacking, credential theft, or unauthorized actions on behalf of the victim. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.
Path traversal in the Classified Listing WordPress plugin (versions through 5.3.8) enables authenticated low-privileged users to download arbitrary files from the server filesystem. The vulnerability, reported by Patchstack as an arbitrary file download flaw, exposes full confidentiality impact (C:H) with no integrity or availability consequence, meaning attackers can exfiltrate sensitive server files - including wp-config.php, credentials, or private data - but cannot modify or destroy them. No active exploitation is confirmed and no public exploit code has been identified at time of analysis.
{workspace_id} endpoint. The CVSS vector (PR:L/AC:L/AV:N/UI:N/I:H) confirms this is a low-complexity network attack requiring only member-tier credentials, and the integrity impact is rated High because the settings field can be used as a configuration-injection primitive - redirecting LLM provider URLs, webhook endpoints, or invite flows to attacker-controlled infrastructure. No public exploit identified at time of analysis, though the exploit chain is trivially reproducible from the published GitHub Security Advisory GHSA-rcmc-q9rj-4wmq.
Path traversal in SOPlanning 1.55 and below exposes backup endpoints to arbitrary file read and execution, allowing a high-privilege authenticated attacker to construct payloads that traverse directories and interact with files previously stored via the backup functionality. The standalone vulnerability's PR:H authentication barrier is critically undermined by a companion flaw, CVE-2026-40543 (Missing Authorization), which removes authorization enforcement on backup file access entirely - enabling any unauthenticated user to read backup files. The combined exploit chain elevates practical risk well above what the standalone CVSS 6.4 score implies, with downstream High impacts across Confidentiality, Integrity, and Availability. No public exploit or CISA KEV listing has been identified at time of analysis.
Unrestricted file upload in SOPlanning's backup import functionality (versions 1.55 and below) allows an authenticated high-privilege attacker to smuggle a malicious PHP script inside a crafted ZIP archive alongside a legitimate user.csv file, bypassing extension validation entirely. This vulnerability is materially escalated when chained with CVE-2026-40547 (Path Traversal in the same product), which redirects extraction to a web-accessible directory, converting an upload flaw into full server-side remote code execution. No public exploit has been identified at time of analysis, and the vulnerability is not listed in CISA KEV, but the exploitation chain is technically straightforward once administrative credentials are held.
Nextcloud's Circles (Teams) sharing feature silently generates unauthenticated public access links when folders are shared with a Team containing external email-only members, links which are never surfaced in the sharing UI and cannot be revoked by the folder owner. Affected are Nextcloud versions 32.0.0-32.0.8 and 33.0.0-33.0.2 with the Circles app in use. Any party who receives or intercepts the emailed link obtains full read, write, delete, reshare, and download access to the shared folder without a Nextcloud account, and the folder owner has no visibility or revocation path through normal interfaces. No public exploit identified at time of analysis; the issue was disclosed via HackerOne.
Local privilege escalation in MediaTek's GenieZone hypervisor component affects 36 distinct chipsets via a race condition-induced out-of-bounds write. An attacker who has already obtained System-level privilege on an affected Android device can exploit the TOCTOU flaw to escalate further - likely to kernel or hypervisor-level execution - achieving full confidentiality, integrity, and availability impact. No public exploit has been identified at time of analysis, and no KEV listing exists; however, the wide chipset footprint spanning flagship to budget SoCs significantly broadens the potential attack surface.
Memory corruption in Qualcomm Snapdragon affects the IOCTL request processing path, exploitable by a local attacker with high privileges who can win a race condition between API version validation and user-space buffer consumption. Successful exploitation yields high-impact confidentiality, integrity, and availability compromise despite the moderate overall CVSS score of 6.4, which is suppressed by the high attack complexity and privilege requirements. No public exploit code and no CISA KEV listing have been identified at time of analysis, limiting immediate widespread risk.
Hard-coded cryptographic secret in PDBM.exe (by Trac d.o.o.) enables authenticated local attackers to decrypt administrative credentials stored in the product's configuration file. The static secret, constant across all PDBM installations, is embedded directly in the application binary and is used as the key for the credential encryption routine. Because the affected version configures the stored account with full administrative privileges, a successful extraction yields unrestricted access to PDBM's management interface and all underlying operational functions. No public exploit identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.
Nextcloud Server's files_lock application failed to enforce file ownership during WebDAV DAV lock and unlock operations, allowing any authenticated low-privilege account to lock or unlock files belonging to other users by referencing their absolute WebDAV paths. Affected releases span Nextcloud Server 32.0.0-32.0.1 and 33.0.0, plus Nextcloud Enterprise Server in the 31.0.x, 32.x, and 33.x lines prior to their respective patches. Compounding the flaw, lock tokens were leaked in server error responses, enabling an attacker to silently remove token-based locks placed by legitimate sync clients - disrupting collaborative workflows without direct file access. No public exploit code or CISA KEV listing exists at time of analysis.
Stored XSS in the Orca user portal is enabled by a multi-layer architectural failure in older Orca heat pump devices: device-to-server communications occur over unencrypted, unauthenticated HTTP on a non-secure port, and the server performs no input validation on the data it aggregates. An unauthenticated network attacker can impersonate a legitimate heat pump device, inject malicious JavaScript payloads into the data stream, which are then stored and rendered in the Orca user portal. When a portal user loads the affected page, the stored script executes, enabling session cookie theft and unauthorized actions within the portal. No public exploit code and no CISA KEV listing have been identified at time of analysis.
Unauthorized chunking upload access in Nextcloud Server allows an authenticated share recipient to read temporary part files during another user's active file upload. Affecting versions 32.0.0-32.0.8 and 33.0.0-33.0.2, the flaw stems from the WebDAV chunking upload collection failing to restrict directory listing or GET requests on intermediate upload objects when accessed via a share token - a boundary the fix explicitly closes by blocking reads on FutureFile and UploadFile node types. No public exploit has been identified and no CISA KEV listing exists at time of analysis, but the high confidentiality impact (CVSS C:H) means sensitive in-transit file contents are fully exposed to any malicious share recipient who times access during an active upload.
Path traversal in Android's PackageInstallerService allows a local, unprivileged attacker to redirect a Device Policy Controller (DPC) installation into an unintended filesystem directory via a crafted install session, enabling local escalation of privilege on Android 14 through Android 16. No public exploit code has been identified at time of analysis, and EPSS at 0.01% (1st percentile) reflects minimal observed exploitation probability. The local attack vector (AV:L) constrains real-world exposure to scenarios where the attacker already has physical or application-level access to the device, materially limiting the attack surface compared to network-exploitable flaws.
Tapjacking via the InputInterceptor component in Android's Letterbox.java enables a locally-installed malicious app to silently capture unintended permission grants on Android 14, 15, and 16, resulting in local privilege escalation with high confidentiality impact. The vulnerability requires no elevated privileges on the part of the attacking application and is reported by Google as needing no user interaction for exploitation - a claim that is in notable tension with the tapjacking mechanism described, which inherently involves intercepting user touch events. No public exploit code exists and no active exploitation has been confirmed (EPSS 0.01%, percentile 1%), but the ease of local attack (AV:L/AC:L) and breadth of affected Android versions make patch deployment a priority for enterprise and consumer device fleets.
HTTP response header injection in Apache ActiveMQ's web console MessageServlet exposes users to security header override and cross-site scripting attacks. The servlet copies every JMS message property directly into HTTP response headers without sanitization, meaning an attacker who can publish crafted JMS messages to a broker queue can override headers such as Content-Security-Policy or X-Frame-Options when a web console user views those messages. No public exploit has been identified at time of analysis, and EPSS of 0.03% (9th percentile) reflects low observed exploitation probability, though the no-privilege-required CVSS vector and Scope:Changed score signal meaningful impact on browser security posture if exploited.
Two-factor authentication bypass in Nextcloud Server 32.0.0-32.0.8 and 33.0.0-33.0.2 allows an authenticated attacker who possesses a valid user password to fully circumvent 2FA protections and gain unauthorized account access. During the login sequence, Nextcloud creates a temporary session token after credential validation but before the second factor is enforced; this token was not restricted from use in HTTP Basic Authentication or Bearer-header flows, enabling replay to authenticated API endpoints and effectively nullifying the 2FA control. Vendor-released patches exist as 32.0.9 and 33.0.3; no public exploit identified at time of analysis, though the fix PR makes the exploit mechanism technically transparent.
Two-factor authentication bypass in Nextcloud Server 32.0.0-32.0.8 and 33.0.0-33.0.2 enables a partially-authenticated attacker to access DAV endpoints (WebDAV, CalDAV, CardDAV) with full read/write privileges by reusing a pre-2FA intermediate session cookie as a Bearer token. The TEMPORARY_TOKEN issued after successful password authentication but before TOTP completion was not restricted to cookie-based requests, allowing it to be replayed in an HTTP Authorization: Bearer header against DAV APIs - entirely circumventing mandatory two-factor authentication enforcement. No public exploit has been identified at time of analysis, though a HackerOne report (3573399) documents the issue; vendor-confirmed patches are available.
Unauthenticated information disclosure in Apache ActiveMQ Broker allows remote attackers to enumerate all durable topic subscriptions - including client identifiers, subscription names, topic destinations, and JMS selector expressions - by sending a BrokerInfo command to a broker with syncDurableSubs enabled on a network connector. The broker incorrectly skips authentication before servicing the BrokerInfo request, exposing sensitive messaging infrastructure metadata. No public exploit identified at time of analysis, and EPSS stands at 0.02% (6th percentile), indicating very low current exploitation probability despite network-reachable attack vector.
Tapjacking and UI overlay exploitation in Android's WindowState.java enables local privilege escalation on Android 14, 15, 16, and 16-qpr2 without requiring any elevated permissions from the attacker. A malicious app on the device can deploy a deceptive overlay over system permission dialogs, causing the victim to unknowingly grant elevated permissions. No public exploit has been identified at time of analysis, and EPSS at 0.01% (1st percentile) indicates very low current exploitation probability, though the broad Android version coverage across actively maintained releases elevates the aggregate exposure.
SQL injection across multiple contacts database functions in Google Android enables local privilege escalation on Android 14, 15, 16, and 16-qpr2 without requiring any elevated privileges or user interaction. The flaw allows an unprivileged local process or malicious application to inject arbitrary SQL into contacts database queries, resulting in unauthorized read, write, and partial denial-of-service impact against contact data. No public exploit has been identified at time of analysis, and EPSS probability stands at 0.01%, consistent with a local-only attack surface, though the absence of any privilege prerequisite (PR:N) lowers the bar for any attacker already on the device.
Server-Side Request Forgery in Clair's fetcher component exposes internal network services and cloud metadata endpoints to unauthenticated remote attackers who can submit container image manifests with crafted layer descriptor URIs. Affected deployments are those where PSK (Pre-Shared Key) authentication is not configured - an opt-in control that is not enforced by default - meaning standalone or custom Clair installations without PSK are directly exploitable over the network with no credentials. Reflective SSRF behavior leaks up to 256 bytes of internal error body content per request via CheckResponse error messages, enabling network reconnaissance; no public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV.
Uncontrolled resource allocation in OTRS's e-mail handling subsystem allows a low-privileged authenticated user to trigger unbounded memory or resource consumption, ultimately aborting the webserver and causing a denial of service against the entire OTRS interface. Affected versions span OTRS 8.0.X through 2026.X prior to 2026.4.X, and the ((OTRS)) Community Edition 6.x and OTRS 7.x branches are noted by the vendor as very likely affected as well. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Improper input validation in the OTRS Customer Backend module allows authenticated low-privilege users to bypass group-based access controls and read customer records restricted to other groups. Affected versions span every major OTRS release line (7.0.X through 2026.X before 2026.4.X), though exploitation is gated by a non-default configuration requirement. No public exploit identified at time of analysis and this vulnerability is not listed in the CISA KEV catalog.
Denial-of-service in Spring Cloud Function allows a low-privileged actor with physical access and required user interaction to exhaust JVM heap memory by registering an unbounded number of functions into the Function Registry, triggering an Out-of-Memory (OOM) crash. Five actively maintained release lines (3.2.x through 5.0.x) plus all unsupported versions are affected. No public exploit code exists and the vulnerability is not listed in CISA KEV at time of analysis; the CVSS score of 5.7 reflects the physical access vector and user interaction dependency that substantially constrain real-world exploitability compared to the High availability impact alone.
Uncontrolled recursion in Spring Cloud Function's routing layer triggers an Out-of-Memory (OOM) condition, resulting in a denial of service across all active release trains (3.2.x through 5.0.x). The vulnerability is rooted in CWE-674 (Uncontrolled Recursion), where the routing layer lacks depth limits or cycle detection, allowing recursive request-handling to exhaust JVM heap space. No public exploit code or CISA KEV listing has been identified at time of analysis; however, the CVSS physical attack vector (AV:P) appears inconsistent with a routing-layer vulnerability and warrants verification against the Spring/VMware advisory.
Remote unauthenticated access to multiple Admin Endpoints in code-projects Smart Parking System 1.0 allows attackers to bypass all authentication controls, gaining network-reachable read, write, and availability impact with no credentials or user interaction required. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms zero-friction remote exploitation of a missing authentication gate - not a weak or bypassable one, but an entirely absent one across multiple admin functions. Publicly available exploit code exists per the E:P exploit maturity modifier and a referenced GitHub proof-of-concept repository, though no CISA KEV listing is present at time of analysis.
Unauthenticated remote attackers can create privileged administrator accounts in SourceCodester Water Billing Management System 1.0 by sending crafted requests to the User Management endpoint, bypassing all authorization controls. The researcher-published reference - titled 'Unauthenticated Admin Creation in PHP System' - confirms the practical impact exceeds the moderate CVSS score: full administrative takeover of the application is achievable without credentials. Publicly available exploit code exists (CVSS E:P), and no vendor patch has been identified at time of analysis.
Qualcomm Snapdragon chipsets improperly parse 802.11 advertisement frames containing malformed MBSSID (Multiple BSSID) elements of insufficient length, triggering a buffer over-read that discloses memory contents to an attacker. The CVSS vector (AV:N/AC:H/PR:L/UI:R/S:C) indicates network-reachable exploitation with changed scope, meaning the impact crosses beyond the Wi-Fi subsystem into adjacent components. No public exploit identified at time of analysis, and no CISA KEV listing exists; Qualcomm addressed this in their June 2026 Security Bulletin.
Out-of-bounds write in the MediaTek WLAN STA (Station mode) driver enables local denial of service across six MediaTek Wi-Fi chipset families, confirmed by MediaTek in their June 2026 Product Security Bulletin. A low-privileged local user can crash the system without any user interaction by triggering the missing bounds check in the driver, exploiting CWE-787 memory corruption. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis.
Local denial of service in Google Android's DevicePolicyManagerService affects Android 14, 15, 16, and 16-qpr2 via improper input validation across multiple service functions. A local attacker with basic user-level privileges can trigger a desynchronization between in-memory and persisted device policy state without requiring user interaction, resulting in high availability impact to the device policy management subsystem. No public exploit has been identified at time of analysis, and SSVC confirms exploitation status as none with non-automatable impact.
Local denial of service in Google Android's contacts subsystem allows a low-privileged local user to crash or destabilize the Contacts provider by inserting an oversized contact name field. Affected platforms include Android 14, 15, 16-qpr2, and 16. No special privileges beyond a standard app context are required, and no user interaction is needed, making this exploitable by any installed app with contacts write access. No public exploit identified at time of analysis.
Local denial of service in Google Android's DevicePolicyManagerService allows an authenticated local attacker to hide system-critical packages through improper input validation, rendering affected device functionality unavailable. Impacted versions span Android 14, 15, 16, and 16-qpr2, as confirmed in the June 2026 Android Security Bulletin. No public exploit or CISA KEV listing exists at time of analysis, and exploitation requires only low-level local privileges with no user interaction.
Integer overflow in Android's UBSan throwing runtime (ubsan_throwing_runtime.cpp) enables a local attacker with low privileges to cause a persistent denial of service across Android 14 through Android 16 QPR2. The flaw affects multiple functions within the file and requires no user interaction to trigger, making it exploitable by a malicious on-device application without elevated privileges. No public exploit identified at time of analysis, and the local-only attack vector constrains real-world scope, but the persistent nature of the availability impact elevates operational concern over transient crash-based DoS.
Resource exhaustion in Android's launcher image processing component allows a local low-privileged application to trigger a denial of service condition across Android 14 through 16. The flaw resides in the getPreferredSize method of LauncherProcessImageListener.kt, where uncontrolled resource consumption (CWE-400) can be induced without requiring elevated privileges or user interaction, resulting in high availability impact to the affected device. No public exploit code and no active exploitation have been identified at time of analysis; the CVSS score of 5.5 reflects the local-only attack surface and absence of confidentiality or integrity impact.
Resource exhaustion in Android 14's APK signature verification routine crashes the affected component, resulting in a local denial of service. The flaw resides in the verifySignature method of ApkChecksums.java, where uncontrolled resource consumption (CWE-400) can be triggered by a low-privileged local process with no user interaction required. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Permanent local denial of service in Google Android (versions 14, 15, 16, and 16-qpr2) is possible through a logic error in multiple functions of ubsan_throwing_runtime.cpp, Android's Undefined Behavior Sanitizer throwing runtime. A low-privileged local user can trigger the flaw without any user interaction, causing an unrecoverable availability failure in the affected component - requiring a reboot or process restart to restore normal function. No public exploit code exists and no CISA KEV listing is present at time of analysis, indicating this is not currently under widespread active exploitation.
Persistent local denial of service in Google Android affects the ANGLE graphics driver state management component across Android 14, 15, 16, and 16-qpr2. A low-privileged local process can trigger a persistent DoS condition via the updateState method in GraphicsDriverEnableAngleAsSystemDriverController.java without requiring any user interaction, potentially rendering the device unusable until rebooted. No public exploit code has been identified at time of analysis, and this vulnerability has not been added to the CISA KEV catalog.
Persistent denial of service and local privilege escalation in Google Android's UBSan runtime component affect Android 14, 15, 16-qpr2, and 16, stemming from an integer overflow in multiple functions of ubsan_throwing_runtime.cpp. An authenticated local attacker with low-level privileges and no required user interaction can exploit this overflow to trigger persistent availability loss and, per the description, possible privilege escalation. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.
Persistent local denial of service in Google Android affects multiple functions within ubsan_throwing_runtime.cpp, where uncontrolled resource exhaustion can render a device or process permanently unavailable without requiring elevated privileges. Confirmed affected versions span Android 14, 15, 16-qpr2, and 16 per the June 2026 Android Security Bulletin. No public exploit code has been identified at time of analysis, and this is not listed in CISA KEV; however, the 'persistent' nature of the denial of service - implying state survives process restart or requires manual intervention - elevates practical impact beyond a typical availability disruption.
Persistent denial of service in Google Android's NotificationManagerService allows a local unprivileged application to exhaust system resources via the isSameApp method, rendering the device's notification subsystem - and potentially broader system stability - unavailable. Affected versions include Android 14, 15, and 16 as disclosed in the June 2026 Android Security Bulletin. No public exploit code has been identified at time of analysis, and the vulnerability has not been added to the CISA KEV catalog.
Persistent denial of service in Google Android's AccessibilityManagerService affects Android 15, Android 16, and Android 16-qpr2, allowing a local low-privileged attacker to permanently disrupt the accessibility subsystem without user interaction. The CVSS vector (AV:L/AC:L/PR:L/UI:N/A:H) confirms low-complexity local exploitation requiring only a standard app execution context. No public exploit has been identified and the vulnerability is not listed in CISA KEV at time of analysis.
SQL injection in SourceCodester Computer Repair Shop Management System 1.0 exposes the admin product management endpoint to unauthenticated remote attackers who can manipulate the 'ID' parameter in /admin/products/manage_product.php to execute arbitrary SQL statements. The CVSS 4.0 vector confirms no privileges or user interaction are required (PR:N, UI:N, AV:N), and a proof-of-concept exploit has been publicly disclosed (E:P), lowering the bar for exploitation. Impact is assessed as low-to-moderate across confidentiality, integrity, and availability on the vulnerable system, with no lateral scope change to subsequent systems.
Unauthenticated SQL injection in code-projects Real State Services 1.0 exposes the login endpoint to remote database manipulation. The Username parameter passed to /loginuser.php is unsanitized and directly interpolated into SQL queries (CWE-74), enabling unauthenticated remote attackers to extract data, bypass authentication, or alter database contents. Exploit code has been publicly disclosed via a GitHub issue report, elevating practical risk despite the moderate CVSS 4.0 score of 5.5.
SQL injection in CodeAstro Online Job Portal 1.0 exposes the /users/application_status.php endpoint to unauthenticated remote attackers who can manipulate the ID parameter to inject arbitrary SQL into backend database queries, resulting in partial confidentiality, integrity, and availability impact. A proof-of-concept exploit has been published (CVSS 4.0 E:P confirmed), lowering the barrier to exploitation significantly despite the medium overall score. No public KEV listing exists, meaning active widespread exploitation is not confirmed at time of analysis, but the combination of a public POC and zero authentication requirements makes this a credible near-term risk for any internet-exposed deployment.
SQL injection in CodeAstro Online Job Portal 1.0 exposes the `/admin/jobs-admins/delete-jobs.php` endpoint to remote database manipulation via an unsanitized `ID` parameter. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) indicates no authentication, no complexity, and no user interaction are required to exploit this flaw from the network, though the admin panel context of the vulnerable endpoint warrants verification of actual auth enforcement. Publicly available exploit code exists (E:P), elevating practical risk above what the medium CVSS score of 5.5 alone might suggest.
Heap buffer overflow in GPAC MP4Box v2.4's MPEG-2 TS demuxer crashes the application when processing a specially crafted MP4 file, resulting in a Denial of Service. The vulnerable function `m2tsdmx_send_packet` in `filters/dmx_m2ts.c` lacked a minimum packet-length guard before performing heap operations on M2TS packet data. No active exploitation has been identified (not in CISA KEV), and impact is limited to availability - no code execution or data exposure is achievable via this path.
Cross-site scripting in Firefox for iOS Reader View allows unauthenticated remote attackers to inject arbitrary markup via maliciously crafted JSON-LD metadata on attacker-controlled pages. When a victim activates Reader View on such a page, injected HTML executes in the context of an internal Firefox origin, leaking sensitive URL parameters that can be leveraged to access internal pages and achieve arbitrary JavaScript execution with elevated browser-origin trust. Mozilla patched this in Firefox for iOS 151.2 per MFSA2026-53; no public exploit code and no CISA KEV listing have been identified at time of analysis.