CVE-2026-8706

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Firefox for iOS versions prior to 151.0

Description Reader mode was hosted on an unauthenticated local web server. This allows another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies.

Recommendations Update to version 151.0.

Fix

Information Disclosure

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-306

Related Identifiers

CVE-2026-8706

Affected Products

Firefox For Ios

CVE-2026-8706

Weakness Enumeration

Related Identifiers

Affected Products

References · 7