CVE-2026-8950: Same-origin policy bypass in the Networking: HTTP component. This vuln ...

Severity: Critical

CVSS Score: 9.3

Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.