Description
Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0.
Published: 2026-05-19
Score: 6.2 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Firefox for iOS hosted Reader mode on an unauthenticated local web server that allows other applications running on the same device to request arbitrary URLs, causing the response to be rendered with the signed‑in user's cookies. This flaw can enable an attacker to retrieve pages that include sensitive user data (such as session identifiers, stored login credentials, or personal information) by simply accessing the local web server. The primary consequence is the leakage of confidential information to unauthenticated third‑party apps on the device.

Affected Systems

The vulnerability affects Firefox for iOS in all versions prior to 151.0. No other vendors or product versions were reported as impacted in the CNA data. Users running older builds of the mobile browser are potentially exposed.

Risk and Exploitability

The flaw is exploitable locally: an attacker only needs to run an application on the device that can connect to the local web server, which is unprotected and requires no authentication. EPSS data is unavailable, but because the attack vector is local and the flaw can reveal session cookies, the risk is considered high. The vulnerability is not listed in the CISA KEV catalog; however, the impact warrants immediate remediation by updating to a fixed release.

Generated by OpenCVE AI on May 19, 2026 at 16:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to Firefox for iOS 151.0 or newer, which removes the unauthenticated local web server used by Reader mode.
  • If an update cannot be applied immediately, eliminate the Reader mode feature or disable it from the application settings, thereby preventing the local web server from being exposed.
  • Avoid installing or running other applications that may be able to issue HTTP requests to localhost while the vulnerable Firefox build is active.


Advisories

No advisories yet.

History

Tue, 19 May 2026 16:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Mozilla; Mozilla firefox For Ios
Vendors & Products | | Mozilla; Mozilla firefox For Ios

Tue, 19 May 2026 16:30:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-200; CWE-306
Metrics | | cvssV3_1: {'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}; ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 19 May 2026 15:45:00 +0000

Type | Values Removed | Values Added
Description | | Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0.
Title | | Sensitive user data could be leaked to other applications through Reader mode
References | |

MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-05-19T17:12:23.626Z

Reserved: 2026-05-15T19:32:40.967Z

Link: CVE-2026-8706

Vulnrichment

Updated: 2026-05-19T15:57:03.119Z

NVD

Status: Received

Published: 2026-05-19T16:16:22.580

Modified: 2026-05-19T17:16:23.743

Link: CVE-2026-8706

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-19T16:30:09Z

Weaknesses