Mozilla Firefox EUVD-2026-24115

| CVE-2026-6774 MEDIUM
Protection Mechanism Failure (CWE-693)
2026-04-21 mozilla GHSA-gp6f-8rr3-wxrg
Authentication Bypass Mozilla
5.4
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

2
Analysis Generated
Apr 21, 2026 - 16:31 vuln.today
CVSS changed
Apr 21, 2026 - 15:22 NVD
5.4 (MEDIUM)

DescriptionNVD

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150.

AnalysisAI

Mitigation bypass in Firefox's DOM Security component allows authenticated remote attackers with user interaction to circumvent security controls and gain limited read/write access to sensitive data across security boundaries. Firefox 150 and later versions contain the fix; versions prior to 150 are vulnerable. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

EUVD-2026-24115 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy