CVE-2026-3846 | Mozilla Firefox up to 148.0.1 CSS Parser cross-domain policy

Inserito da Angelo Barbosa | Mar 10, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Mozilla Firefox up to 148.0.1. Impacted is an unknown function of the component CSS Parser. Performing a manipulation results in permissive cross-domain policy with untrusted domains.

This vulnerability is cataloged as CVE-2026-3846. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2026-3846 | Mozilla Firefox up to 148.0.1 CSS Parser cross-domain policy

Post correlati

CVE-2024-24863 | Linux Kernel up to 6.9-rc1 malidp_mw_connector_reset null pointer dereference

CVE-2025-31715 | Unisoc UWS6152 Vowifi Service command injection

CVE-2024-23910 | Elecom WRC-1167GS2-B cross-site request forgery

CVE-2024-11050 | AMTT Hotel Broadband Operation System up to 3.0.3.151204 /language.php LangID/LangName/LangEName cross site scripting