PT-2026-33946 · Mozilla · Firefox+1
Richard Belisle
·
Published
2026-04-21
·
Updated
2026-04-27
·
CVE-2026-6760
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Firefox versions prior to 150
Thunderbird versions prior to 150
Description
A mitigation bypass exists in the Networking: Cookies component.
Recommendations
Update to version 150 for Firefox.
Update to version 150 for Thunderbird.
Fix
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Firefox
Thunderbird