Overview

Vulnerabilities reported to Mozilla Firefox by our member have been assigned CVE identifiers. They are CVE-2026-6768 (Mitigation bypass in the Networking: Cookies component) and CVE-2026-6769 (Privilege escalation in the Debugger component), both listed in the Firefox 150.0 security advisory (MFSA 2026-30). For CVE-2026-6769, a split bounty was awarded as it was reported concurrently with another reporter.

CVE-2026-6768 in MFSA 2026-30
CVE-2026-6768 in MFSA 2026-30

Ongoing Vulnerability Research

In addition to the two CVE-assigned vulnerabilities above, 25 further vulnerability reports are currently under triage at Mozilla, and 2 more are awaiting CVE assignment. We expect to share further updates.

Part of the vulnerability reports under triage (with mosaic)
Part of the vulnerability reports under triage (with mosaic)

AI-Driven Security in Practice

We have developed a proprietary approach that leverages LLMs for vulnerability research, and we will continue investigating major software including browsers. Based on this hands-on vulnerability discovery expertise, we provide security assessment and consulting services. If you are interested, please feel free to contact us.