Mozilla Foundation Security Advisory 2026-09

Security Vulnerabilities fixed in Firefox for iOS 147.2.1

Announced

February 9, 2026

Impact

high

Products

Firefox for iOS

Fixed in

Firefox for iOS 147.2.1

#CVE-2026-2032: Interrupted page loads in new tabs could allow website spoofing under trusted domains in Firefox iOS

Reporter: Qadhafy Muhammad Tera
Impact: high

Description

Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain.

References

Bug 2012152

Firefox browsers

Mozilla VPN

Mozilla Monitor

Firefox Relay

MDN Plus

Thunderbird

Solo

0DIN

About Mozilla

The Mozilla Manifesto

Get Involved

Blog

Mozilla Foundation

Mozilla.ai

Mozilla Ventures

Mozilla Advertising

Mozilla Builders

Mozilla New Products