CVE-2026-14906
MEDIUMFirefox for iOS < 152.4 - Saved PDF Resource Overwrite
Title source: manualDescription
Pages with malicious titles could potentially allow saved PDF content to overwrite PDF files or bundled content within the Firefox for iOS application sandbox. This vulnerability was fixed in Firefox for iOS 152.4.
References (2)
Core 2
Scores
CVSS v3
5.3
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-434
Status
published
Products (1)
Mozilla/Firefox for iOS
152.4
Published
Jul 13, 2026
Tracked Since
Jul 14, 2026