A vulnerability identified as critical has been detected in Mozilla Firefox up to 140.10/150 . The affected element is an unknown function of the component HTTP Component . The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is uniquely identified as CVE-2026-8950 . The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.