CVE-2026-9078: Vulnerability in Mozilla Firefox for iOS
Firefox for iOS displayed specially crafted right-to-left (RTL) and internationalized domain names (IDNs) incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This vulnerability was fixed in Firefox for iOS 151.1.
AI Analysis
Technical Summary
Firefox for iOS incorrectly rendered specially crafted RTL and IDN hostnames in link preview UI surfaces, allowing visual reordering of domain name portions. This could mislead users by making attacker-controlled domains appear as trusted origins. Mozilla fixed this vulnerability in Firefox for iOS 151.1, as detailed in their security advisory MFSA 2026-52.
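A display-side check for the class of problem described above, as an added example (it is not Mozilla's fix and not code from the advisory): it flags hostnames whose labels mix text directions or carry bidi control characters, and falls back to the ASCII form for display. The function names, the fall-back policy and the sample hostnames are assumptions, and the punycode step is a simplification that skips full IDNA mapping and validation.

```python
import unicodedata

# Explicit bidi formatting characters; none is valid inside a hostname.
BIDI_CONTROLS = set("\u061c\u200e\u200f\u202a\u202b\u202c\u202d\u202e"
                    "\u2066\u2067\u2068\u2069")

def decode_label(label):
    """Unicode form of one DNS label (decodes xn-- A-labels)."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except ValueError:  # not valid punycode: keep the raw label
            return label
    return label

def label_direction(label):
    """'rtl', 'ltr' or 'mixed', from the strong bidi classes in the label."""
    classes = {unicodedata.bidirectional(ch) for ch in label}
    rtl, ltr = bool(classes & {"R", "AL"}), "L" in classes
    if rtl and ltr:
        return "mixed"
    return "rtl" if rtl else "ltr"  # digit/hyphen-only labels count as ltr

def bidi_findings(hostname):
    """List the reasons a hostname may render reordered in a UI string."""
    findings = []
    if any(ch in BIDI_CONTROLS for ch in hostname):
        findings.append("bidi-control")
    dirs = [label_direction(decode_label(l)) for l in hostname.split(".") if l]
    if "mixed" in dirs:
        findings.append("mixed-direction-label")
    if "rtl" in dirs and "ltr" in dirs:
        findings.append("rtl-and-ltr-labels")
    return findings

def safe_display(hostname):
    """Hostname unchanged if clean, else its ASCII (xn--) form."""
    if not bidi_findings(hostname):
        return hostname
    return ".".join(
        l if l.isascii() else "xn--" + l.encode("punycode").decode("ascii")
        for l in hostname.split("."))

# Constructed samples (not taken from the advisory).
ARABIC = "\u0645\u062b\u0627\u0644"
for host in ("www.example.com", ARABIC + ".example.com", "exam\u202eple.com"):
    print(ascii(host), bidi_findings(host), safe_display(host))
```

Flagging every hostname that combines RTL and LTR labels is deliberately conservative: such names can be legitimate, so the check only changes how the name is shown, not whether the link is allowed.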
Potential Impact
The vulnerability could cause users to be visually deceived by attacker-controlled domains appearing as trusted sites due to incorrect RTL domain rendering in link previews. This may facilitate phishing or social engineering attacks. However, the vendor rates the impact as low, and no active exploitation has been reported.
Mitigation Recommendations
Users should update Firefox for iOS to version 151.1 or later, where this vulnerability has been fixed. No additional mitigation steps are required as the issue is resolved in the official update.
Technical Details
- Data Version: 5.2
- Assigner Short Name: mozilla
- Date Reserved: 2026-05-20T12:53:12.834Z
- CVSS Version: null
- State: PUBLISHED
- Remediation Level: null
- Vendor Advisory URLs: Mozilla, https://www.mozilla.org/security/advisories/mfsa2026-52/
Threat ID: 6a149bd6a5ae1af1aad7741d
Added to database: 5/25/2026, 6:58:30 PM
Last enriched: 5/25/2026, 6:59:46 PM
Last updated: 5/26/2026, 7:54:00 AM