CVE-2026-9078

Firefox for iOS displayed specially crafted right-to-left (RTL) and internationalized domain names (IDNs) incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This vuln...

medium 5.4 CVSS 3.1
Published: May 25, 2026
Modified: May 28, 2026
Vendor: Mozilla
Product: Firefox

Description

Firefox for iOS displayed specially crafted right-to-left (RTL) and internationalized domain names (IDNs) incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This vulnerability was fixed in Firefox for iOS 151.1.

References

Related CVEs

CVE-2026-8706 medium · 6.5
Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response render
CVE-2026-8975 high · 8.8
Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these c
CVE-2026-8966 high · 7.5
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVE-2026-8967 high · 7.5
Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVE-2026-8968 high · 7.5
Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird
CVE-2026-8969 high · 8.1
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.