Cyber Posture

CVE-2026-8964

High
Microsoft: not affectedMSmacOS: not affectedMacLinux: not affectedLnxMobile: not affectedMobNetwork: not affectedNetApplication: affectedAppOther: not affectedOth

Published: 19 May 2026

Published
19 May 2026
Modified
20 May 2026
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score 0.0002 6.6th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-8964 is a high-severity User Interface (UI) Misrepresentation of Critical Information (CWE-451) vulnerability in Mozilla Firefox. Its CVSS base score is 7.5 (High).

Operationally, ranked at the 6.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

NVD Description

Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s)
CWE-451

Affected Products

mozilla
firefox
≤ 151.0.0
mozilla
thunderbird
≤ 151.0.0

References