Mozilla Firefox For Ios
50 CVEs affecting Mozilla Firefox For Ios. Latest disclosed: 2026-06-01. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-8706 | Medium | 6.5 | 2026-05-19 | Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receiv… |
CVE-2026-9309 | Medium | 5.4 | 2026-06-01 | Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and l… |
CVE-2026-9308 | Medium | 5.4 | 2026-06-01 | Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placehold… |
CVE-2026-9078 | Medium | 5.4 | 2026-05-25 | Firefox for iOS displayed specially crafted right-to-left (RTL) and internationalized domain names (IDNs) incorrectly in link preview UI surfaces. A crafted RT… |
CVE-2026-2634 | | 2026-02-24 | Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-control… | |
CVE-2026-2032 | | 2026-02-16 | Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof ar… | |
CVE-2025-14744 | | 2025-12-18 | Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files… | |
CVE-2025-10859 | | 2025-09-30 | Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Inc… | |
CVE-2025-55029 | | 2025-08-19 | Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. This vulnerability was fixed in Firefox… | |
CVE-2025-55031 | | 2025-08-19 | Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have… | |
CVE-2025-55028 | | 2025-08-19 | Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks. This… | |
CVE-2025-55030 | | 2025-08-19 | Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, pot… | |
CVE-2025-54145 | | 2025-08-19 | The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme… | |
CVE-2025-54144 | | 2025-08-19 | The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a… | |
CVE-2025-54143 | | 2025-08-19 | Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vu… | |
CVE-2025-5020 | | 2025-05-21 | Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTT… | |
CVE-2025-27425 | | 2025-03-04 | Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. T… | |
CVE-2025-27424 | | 2025-03-04 | Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page. This vulnerability was fixed in Firefox for iOS… | |
CVE-2025-27426 | | 2025-03-04 | Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability was fixed in Firefox fo… | |
CVE-2025-23109 | | 2025-01-11 | Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address. This vulnerability was fixed in Firefox for i… |