CVE-2026-12068

CVSS v3.1

7.4

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection.

This issue affects Avira Password Manager when used with Mozilla Firefox on Windows, macOS, and Linux.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-669

Related Identifiers

CVE-2026-12068

Affected Products

Avira Password Manager

CVE-2026-12068

Weakness Enumeration

Related Identifiers

Affected Products

References · 2