6.5
CVE-2026-8961
- EPSS 0.32%
- Veröffentlicht 19.05.2026 12:29:58
- Zuletzt bearbeitet 20.05.2026 17:58:44
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
Spoofing issue in the Form Autofill component
Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird SwEditionesr Version < 140.11
Mozilla ≫ Thunderbird SwEdition- Version < 151.0.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.32% | 0.238 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
|
CWE-290 Authentication Bypass by Spoofing
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
https://www.mozilla.org/security/advisories/mfsa2026-46/
https://www.mozilla.org/security/advisories/mfsa2026-48/
https://bugzilla.mozilla.org/show_bug.cgi?id=1962625
https://www.mozilla.org/security/advisories/mfsa2026-51/
https://www.mozilla.org/security/advisories/mfsa2026-50/