CVE-2026-8951
Toolbar Spoofing in Firefox for Android
Publication date: 2026-05-19
Last updated on: 2026-05-20
Assigner: Mozilla Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mozilla | firefox | to 151.0.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-290 | This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This spoofing vulnerability could allow attackers to impersonate or mimic legitimate interface elements in the Firefox for Android Toolbar, potentially misleading users. This may result in users being tricked into performing actions they did not intend, such as entering sensitive information or clicking malicious links.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in Firefox 151. To mitigate this vulnerability, you should update Firefox for Android to version 151 or later.
Can you explain this vulnerability to me?
This vulnerability is a spoofing issue found in the Toolbar component of Firefox for Android. Spoofing vulnerabilities typically allow an attacker to deceive users by presenting false or misleading information, potentially tricking them into taking unintended actions.
The issue was addressed and fixed in Firefox version 151.