Mitigation Bypass in Mozilla Firefox's DOM Security Component
CVE-2026-6774

5.4MEDIUM

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 21 April 2026

What is CVE-2026-6774?

A vulnerability exists in the DOM security component of Mozilla Firefox that allows for a bypass of its intended mitigation measures. This can potentially expose users to security risks, influencing how content is processed and perceived by the browser. The issue was resolved in Firefox version 150, emphasizing the importance of updating to safeguard against such threats.

Affected Version(s)

Firefox 150

References

https://bugzilla.mozilla.org/show_bug.cgi?id=2016915

https://www.mozilla.org/security/advisories/mfsa2026-30/

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2026
Vulnerability Reserved
Apr 21, 2026

Credit

lebr0nli

CVE-2026-6774 Data

JSON