Main Vulnerability Database Vulnerabilities #VU123240

#VU123240 Protection mechanism failure in Mozilla Firefox and Firefox for Android - CVE-2026-2803

Published: February 25, 2026

Vulnerability identifier: #VU123240

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2026-2803

CWE-ID: CWE-693

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Mozilla Firefox
Firefox for Android

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to insufficient implementation of security measures in the Settings UI component. An attacker can bypass implemented security restrictions and gain access to sensitive information.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2026-13/

#VU123240 Protection mechanism failure in Mozilla Firefox and Firefox for Android - CVE-2026-2803

Description

Remediation

External links

Please verify you're human