Information Disclosure in Firefox and Firefox ESR Products by Mozilla
CVE-2026-6765

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-6765?

This vulnerability involves an information disclosure flaw in the Form Autofill component of Firefox and Firefox ESR. When exploited, it can reveal sensitive user data. Mozilla has addressed this issue in versions 150 of Firefox and 140.10 of Firefox ESR, emphasizing the importance of updating to the latest versions to ensure user security.

Affected Version(s)

Firefox 140.10

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2022419

https://www.mozilla.org/security/advisories/mfsa2026-30/

https://www.mozilla.org/security/advisories/mfsa2026-32/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Apr 21, 2026

Credit

ABDULAZIZ ALASAIQAH

CVE-2026-6765 Data

JSON