EUVD-2026-24123
GHSA-rm28-r39x-h3x2
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionNVD
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 150.
AnalysisAI
Unauthenticated remote attackers can obtain sensitive information from Firefox's IP Protection component prior to version 150 via network-accessible requests with low attack complexity. The vulnerability leaks confidential data (CVSS:C=High) without requiring user interaction or special privileges, affecting all Firefox installations below version 150. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Identify all Firefox installations below version 150 across the organization using endpoint detection tools and disable Firefox IP Protection as a temporary measure via group policy or configuration management. Within 7 days: Deploy Firefox version 150 or later to all affected systems using your software deployment platform; verify installation with post-deployment compliance checks. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today