CVE Catalog
CVE-2026-8950
CriticalSummary
A vulnerability allowing same-origin policy bypass in the Networking: HTTP component. It was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
Risk Assessment
Bypassing the same-origin policy may lead to unauthorized access to user data, posing a significant security risk to web applications.
Recommendation
It is recommended to update to the latest versions of Firefox and Thunderbird to mitigate this vulnerability.
Original NVD description (English source)
Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.

