5.3

CVE-2026-6777

Other issue in the Networking: DNS component

Other issue in the Networking: DNS component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox SwEdition- Version < 150.0
MozillaThunderbird Version < 150.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.16% 0.056
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

https://www.mozilla.org/security/advisories/mfsa2026-30/
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=2022726
Permissions Required
https://www.mozilla.org/security/advisories/mfsa2026-33/
Vendor Advisory