Spoofing Vulnerability in Firefox Core & HTML Components
CVE-2026-6762

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-6762?

Mozilla Firefox has a spoofing vulnerability in its DOM: Core & HTML components that could allow an attacker to manipulate the display of data on a user’s browser. This issue could mislead users regarding the authenticity of the information while browsing. Resolved in Firefox version 150, Firefox ESR 115.35, and Firefox ESR 140.10, this fix underscores the importance of using updated software to defend against potential exploitation.

Affected Version(s)

Firefox 115.35

Firefox 140.10

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2021080

https://www.mozilla.org/security/advisories/mfsa2026-30/

https://www.mozilla.org/security/advisories/mfsa2026-31/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Apr 21, 2026

Credit

Farras Givari

CVE-2026-6762 Data

JSON