Mozilla Foundation Security Advisory 2026-66

Security Vulnerabilities fixed in Firefox for iOS 152.4

Announced
July 13, 2026
Impact
low
Products
Firefox for iOS
Fixed in
  • Firefox for iOS 152.4

#CVE-2026-14906: Malicious webpage titles could allow overwriting of bundled PDF resources when saving webpages as PDFs in Firefox for iOS

Reporter
Muneaki Nishimura
Impact
low
Description

Pages with malicious titles could potentially allow saved PDF content to overwrite PDF files or bundled content within the Firefox for iOS application sandbox.

References