What is the CVSS score of EUVD-2026-30912?

EUVD-2026-30912 has a CVSS 3.1 base score of 6.5 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N. EPSS exploitation probability: 0.0%.

Is there a patch available for EUVD-2026-30912?

Yes, a patch is available for EUVD-2026-30912. Update the affected software to the latest version immediately.

Mozilla Firefox EUVD-2026-30912

| CVE-2026-8961 MEDIUM

Authentication Bypass by Spoofing (CWE-290)

2026-05-19 mozilla

GHSA-5qxp-cr8v-39px

Authentication Bypass Red Hat Mozilla Suse

6.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

May 20, 2026 - 17:29 vuln.today

CVSS changed

May 20, 2026 - 17:22 NVD

6.5 (MEDIUM)

CVE Published

May 19, 2026 - 12:29 nvd

UNKNOWN (no severity yet)

DescriptionNVD

Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.

AnalysisAI

Spoofing via the Form Autofill component in Mozilla Firefox allows a network-based attacker to achieve high integrity impact against users who interact with attacker-controlled content. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) confirms no authentication is required from the attacker side, but a victim must interact with malicious content for the attack to succeed. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory