IndexedDB Vulnerability in Firefox and Firefox ESR
CVE-2026-6770

Currently unrated

Key Information:

Vendor

Mozilla
Status
Firefox
Vendor
CVE Published:
21 April 2026

What is CVE-2026-6770?

A vulnerability exists in the IndexedDB component of Firefox and Firefox ESR, which can potentially allow unauthorized access to stored data. This issue has been addressed in the latest versions, including Firefox 150 and Firefox ESR 140.10, ensuring that user privacy and data integrity are maintained. Users are strongly encouraged to update their browsers to the latest versions to mitigate this vulnerability.

Affected Version(s)

Firefox 140.10

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2024220
https://www.mozilla.org/security/advisories/mfsa2026-30/
https://www.mozilla.org/security/advisories/mfsa2026-32/

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Dai
.