CVE-2026-53899 – Cross-origin cookies could be leaked when opening a PDF link

CVE ID :CVE-2026-53899

Published : June 16, 2026, 1:16 p.m. | 25 minutes ago

Description :Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability was fixed in Firefox for iOS 152.0.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…