CVE-2026-2032

Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS < 147.2.1.

Published Feb 17, 2026

https://www.mozilla.org/security/advisories/mfsa2026-09/

CVSS ScoreHigh

7.1

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2026-2032

Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS < 147.2.1.

Published Feb 17, 2026

https://www.mozilla.org/security/advisories/mfsa2026-09/

CVSS ScoreHigh

7.1

No packages found

Try adjusting your search terms.

Ecosystem	Package	Version

No packages found

Try adjusting your search terms.

Find vulnerabilities. Fix fast with AI.

CVE-2026-2032

CVE-2026-2032

No packages found

No packages found