Security Advisory

CVE-2026-2634

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-24 13:33:24

Last updated 2026-04-13 13:53:52

Assigner mozilla

State PUBLISHED

Description

Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4.

← Browse all CVEs View on cve.org ↗