PT-2026-33941 · Mozilla · Firefox+1

Paranoidmoth

·

Published

2026-04-21

·

Updated

2026-04-27

·

CVE-2026-6755

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 150 Thunderbird versions prior to 150
Description A mitigation bypass exists in the DOM postMessage component.
Recommendations Update to version 150 or later.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2026-6755
OPENSUSE-SU-2026:10626-1

Affected Products

Firefox
Thunderbird