CVE-2026-8969
Analyzed Analyzed - Analysis Complete
DOM Security Component Mitigation Bypass in Firefox

Publication date: 2026-05-19

Last updated on: 2026-05-20

Assigner: Mozilla Corporation

Description
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-19
Last Modified
2026-05-20
Generated
2026-06-10
AI Q&A
2026-05-20
EPSS Evaluated
2026-06-08
NVD
CVE-2026-8969
EUVD
EUVD-2026-30921
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
mozilla firefox to 151.0.0 (exc)
mozilla thunderbird to 151.0.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-693 The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability is a mitigation bypass in the DOM security component with a high CVSS score indicating high impact on confidentiality and integrity. Such vulnerabilities can potentially lead to unauthorized access to sensitive data, which may affect compliance with data protection regulations like GDPR and HIPAA that require safeguarding personal and sensitive information.

However, the provided information does not explicitly describe the direct impact on compliance with specific standards or regulations.

Executive Summary

This vulnerability is a mitigation bypass in the DOM (Document Object Model) security component of Mozilla Firefox. It means that a security measure intended to protect the DOM was circumvented, potentially allowing an attacker to exploit the browser in ways that were previously prevented. The issue was fixed in Firefox version 151.

Impact Analysis

By bypassing the DOM security mitigation, an attacker could potentially manipulate web content or execute unauthorized actions within the browser environment. This could lead to security risks such as unauthorized data access, execution of malicious scripts, or other browser-based attacks.

Mitigation Strategies

The vulnerability was fixed in Firefox 151. The immediate step to mitigate this vulnerability is to update your Firefox browser to version 151 or later.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8969. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart