vulnerability
MFSA2026-30 Firefox: Security Vulnerabilities fixed in Firefox 150 (CVE-2026-6755)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:S/C:N/I:N/A:C) | Apr 21, 2026 | Apr 23, 2026 | Apr 27, 2026 |
Severity
7
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:C)
Published
Apr 21, 2026
Added
Apr 23, 2026
Modified
Apr 27, 2026
Description
Mitigation bypass in the DOM: postMessage component. This vulnerability was fixed in Firefox 150 and Thunderbird 150.
Solution
mozilla-firefox-upgrade-150_0
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.