Firefox Browser: CSS Parsing Flaw Allows Malicious Website Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.5

Firefox Browser: CSS Parsing Flaw Allows Malicious Website Access

CVE-2026-3846

Summary

A security issue in Firefox's CSS parsing system could allow a malicious website to access sensitive information. This affects Firefox users with outdated versions, and we recommend updating to the latest version to protect your browser and data. Updating to Firefox 148.0.2 or later will address this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
mozilla	firefox	<= 148.0.2	–

Original title

Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox < 148.0.2.

Original description

Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox < 148.0.2.

nvd CVSS3.1 6.5

Vulnerability type

CWE-346

Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 11 Mar 2026