CVE-2026-2032

CVSS v3.1

4.3

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS < 147.2.1.

Fix

Authentication Bypass by Spoofing

UI Misrepresentation of Critical Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-290CWE-451

Related Identifiers

CVE-2026-2032

Affected Products

Firefox For Ios

CVE-2026-2032

Weakness Enumeration

Related Identifiers

Affected Products

References · 3