CVE-2026-9078— Firefox iOS RTL Domain Rendering Issue in Link Preview

AI Predicted 5.3 Difficulty: Easy Updated May 25, 2026

Possible ATT&CK Techniques 2AI

T1189 · Drive-by Compromise T1071 · Application Layer Protocol

Affected Version Matrix 1

Vendor	Product	Version Range	Status
Mozilla	Firefox for iOS	`151.1≤ *`	unaffected

Updated May 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Firefox iOS RTL Domain Rendering Issue in Link Preview

Source: NVD (National Vulnerability Database)

Vulnerability Description

Firefox for iOS displayed specially crafted right-to-left (RTL) and internationalized domain names (IDNs) incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This vulnerability was fixed in Firefox for iOS 151.1.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Mozilla	Firefox for iOS	151.1 ~ *	-

II. Public POCs for CVE-2026-9078

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-9078

请登录查看更多情报信息。

Vendor Advisories for CVE-2026-9078 (1)

Security Vulnerabilities fixed in Firefox for iOS 151.1 — Mozilla

https://nvd.nist.gov/vuln/detail/CVE-2026-9078

IV. Related Vulnerabilities

Same product: Firefox for iOS

Same vendor: Mozilla

V. Comments for CVE-2026-9078

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-9078— Firefox iOS RTL Domain Rendering Issue in Link Preview

Possible ATT&CK Techniques 2AI

Affected Version Matrix 1

I. Basic Information for CVE-2026-9078

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-9078

III. Intelligence Information for CVE-2026-9078

Vendor Advisories for CVE-2026-9078 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2026-9078

Leave a comment