CVE-2026-6768

· NIST NVD ↗

Mitigation bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.

CRITICAL
CVSS severity
9.8
CVSS base score
2026-04-21
Published

CWE codes

CWE-288

Affected products

mozilla:firefoxmozilla:thunderbird

Sources