Mozilla Firefox CVE-2026-6779

| EUVD-2026-24120 MEDIUM
Improper Input Validation (CWE-20)
2026-04-21 mozilla GHSA-xp4p-9mc9-5c47
Information Disclosure Mozilla
5.3
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Apr 21, 2026 - 18:25 vuln.today
CVSS changed
Apr 21, 2026 - 18:22 NVD
5.3 (MEDIUM)

DescriptionNVD

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.

AnalysisAI

Mozilla Firefox JavaScript Engine contains an improper input validation flaw that permits remote, unauthenticated information disclosure to attackers without user interaction. The vulnerability (CWE-20: Improper Input Validation) affects all versions prior to Firefox 150 and allows attackers to access sensitive data via a network-based attack with low complexity. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-6779 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy