CVE-2026-6771

Daily digests

A bypass in Firefox's DOM Security component lets attackers get around protections that are supposed to prevent malicious page content from executing privileged actions. Mozilla's description is sparse, but a CVSS 9.8 on a DOM security mitigation bypass typically means a crafted webpage could compromise your browser without much user interaction beyond visiting the page.

• Daily Digest · Apr 22, 2026

  AVideo CVSS 10 + Firefox DOM bypass, 5 critical fixes