CVE-2026-14906
Pages with malicious titles could potentially allow saved PDF content to overwrite PDF files or bundled content within the Firefox for iOS a
CVSS
5.3
Medio
EPSS
0.2%
p7
KEV
—
Exploit Today
2
0-100
Publicado: 13 jul 2026 · Última mod.: 14 jul 2026 · CWE-434
0.2%EPSS · 30 días0.2%
2026-07-142026-07-17
Pages with malicious titles could potentially allow saved PDF content to overwrite PDF files or bundled content within the Firefox for iOS application sandbox. This vulnerability was fixed in Firefox for iOS 152.4.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2026-562909.8 CRÍ85.4%
KEV—76Joomlack Page Builder Improper Access Control Vulnerability9dCVE-2026-489089.8 CRÍ72.6%
KEV—72JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability9dCVE-2026-489399.8 CRÍ71.5%
KEV—71iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability7dCVE-2026-562919.8 CRÍ53.7%
KEV—66Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability7dCVE-2023-388368.8 ALT99.3%
——30File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.9dCVE-2023-464747.2 ALT97.3%
——29File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file.9d