CVE-2026-12068 – Avira Password Manager credential disclosure via cross-origin autofill in Firefox

CVE ID :CVE-2026-12068

Published : June 12, 2026, 10:19 p.m. | 1 hour, 5 minutes ago

Description :Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection.

This issue affects Avira Password Manager when used with Mozilla Firefox on Windows, macOS, and Linux.

Severity: 7.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-11443 – Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability

CVE-2026-11442 – Allegra exportReport Directory Traversal Information Disclosure Vulnerability

CVE-2026-6676 – Avira antivirus engine heap buffer OOB write when scanning a malformed POSIX tar archive

CVE-2025-9033 – Avira antivirus engine heap buffer OOB read when scanning a malformed PDF file (variant 3)