Primary

Context

Mozilla Firefox for iOS Reader Mode Cookie Leakage Vulnerability

Vulnerability

Patched

A vulnerability in Firefox for iOS allowed Reader mode to be hosted on an unauthenticated local web server. This setup enabled another application on the same device to request arbitrary URLs and receive responses rendered with the signed-in user's cookies. The issue has been fixed in Firefox for iOS version 151.0.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user data, allowing other applications on the device to misuse the signed-in user's cookies.

Remediation

Users can update to Firefox for iOS version 151.0 to address this vulnerability.

Added: May 19, 2026, 4:20 PM

Updated: May 19, 2026, 4:20 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

2.7

remediation

0.0

relevance

8.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

2.7

remediation

0.0

relevance

8.8

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox for iOS Reader Mode Cookie Leakage Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Mozilla Firefox

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating