Firefox for iOS

CVEs (12)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2026-2634	Mozilla Corporation Firefox	Cri	0.64	9.8	Feb 24, 2026	Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4.
CVE-2025-55031	Mozilla Corporation Firefox	Cri	0.64	9.8	Aug 19, 2025	Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability was fixed in Firefox for iOS 142 and Focus for iOS 142.
CVE-2025-54143	Mozilla Corporation Firefox	Cri	0.64	9.8	Aug 19, 2025	Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.
CVE-2025-54145	Mozilla Corporation Firefox	Cri	0.59	9.1	Aug 19, 2025	The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141.
CVE-2025-55029	Mozilla Corporation Firefox	Hig	0.49	7.5	Aug 19, 2025	Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.
CVE-2026-8706	Mozilla Corporation Firefox for iOS	Med	0.42	6.5	May 19, 2026	Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0.
CVE-2025-14744	Mozilla Corporation Firefox	Med	0.42	6.5	Dec 18, 2025	Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0.
CVE-2025-55030	Mozilla Corporation Firefox	Med	0.40	6.1	Aug 19, 2025	Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142.
CVE-2025-54144	Mozilla Corporation Firefox	Med	0.35	5.4	Aug 19, 2025	The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability was fixed in Firefox for iOS 141.
CVE-2026-2032	Mozilla Corporation Firefox	Med	0.28	4.3	Feb 16, 2026	Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1.
CVE-2025-5020	Mozilla Corporation Firefox	Med	0.28	4.3	May 21, 2025	Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139.
CVE-2025-10859	Mozilla Corporation Firefox	Med	0.26	4.0	Sep 30, 2025	Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in Firefox for iOS 143.1.

CVE-2026-2634CriFeb 24, 2026
Mozilla Corporation
Firefox
risk 0.64cvss 9.8epss 0.00
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4.
CVE-2025-55031CriAug 19, 2025
Mozilla Corporation
Firefox
risk 0.64cvss 9.8epss 0.00
Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability was fixed in Firefox for iOS 142 and Focus for iOS 142.
CVE-2025-54143CriAug 19, 2025
Mozilla Corporation
Firefox
risk 0.64cvss 9.8epss 0.00
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.
CVE-2025-54145CriAug 19, 2025
Mozilla Corporation
Firefox
risk 0.59cvss 9.1epss 0.00
The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme. This vulnerability was fixed in Firefox for iOS 141.
CVE-2025-55029HigAug 19, 2025
Mozilla Corporation
Firefox
risk 0.49cvss 7.5epss 0.00
Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks. This vulnerability was fixed in Firefox for iOS 142.
CVE-2026-8706MedMay 19, 2026
Mozilla Corporation
Firefox for iOS
risk 0.42cvss 6.5epss 0.00
Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0.
CVE-2025-14744MedDec 18, 2025
Mozilla Corporation
Firefox
risk 0.42cvss 6.5epss 0.00
Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0.
CVE-2025-55030MedAug 19, 2025
Mozilla Corporation
Firefox
risk 0.40cvss 6.1epss 0.00
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142.
CVE-2025-54144MedAug 19, 2025
Mozilla Corporation
Firefox
risk 0.35cvss 5.4epss 0.00
The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability was fixed in Firefox for iOS 141.
CVE-2026-2032MedFeb 16, 2026
Mozilla Corporation
Firefox
risk 0.28cvss 4.3epss 0.00
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1.
CVE-2025-5020MedMay 21, 2025
Mozilla Corporation
Firefox
risk 0.28cvss 4.3epss 0.00
Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client. This vulnerability was fixed in Firefox for iOS 139.
CVE-2025-10859MedSep 30, 2025
Mozilla Corporation
Firefox
risk 0.26cvss 4.0epss 0.00
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in Firefox for iOS 143.1.