CVE-2026-4728

<!-- Conceptual PoC for CVE-2026-4728 This PoC demonstrates a potential spoofing scenario in Anti-Tracking. It attempts to bypass tracking protection checks by manipulating the request headers or origin context. --> <!DOCTYPE html> <html> <head> <title>CVE-2026-4728 PoC</title> </head> <body> <h1>Anti-Tracking Spoofing Test</h1> <script> // Simulate a payload that attempts to spoof the anti-tracking mechanism function attemptSpoof() { console.log("Attempting to bypass Anti-Tracking checks..."); // In a real scenario, this might involve setting a tracking cookie // that should be blocked by the browser's privacy settings. document.cookie = "tracker_id=spoofed_value; path=/; SameSite=None; Secure"; // Check if the cookie was set despite protections if (document.cookie.includes("tracker_id")) { alert("Potential Vulnerability Detected: Tracking cookie set despite Anti-Tracking protection."); } else { alert("Anti-Tracking protection appears to be active."); } } // Trigger on user interaction (UI:R) document.addEventListener('click', attemptSpoof); </script> <p>Click anywhere to test the vulnerability.</p> </body> </html>

{"cve": {"id": "CVE-2026-4728", "sourceIdentifier": "[email protected]", "published": "2026-03-24T13:16:08.680", "lastModified": "2026-04-13T15:17:45.423", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149."}, {"lang": "es", "value": "Problema de suplantación en el componente de Privacidad: Anti-Rastreo. Esta vulnerabilidad afecta a Firefox &lt; 149 y Thunderbird &lt; 149."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-290"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndExcluding": "149.0", "matchCriteriaId": "EC415708-0D12-42F6-801D-6884F4F01CD9"}, {"vulnerable": true, "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "versionEndExcluding": "149.0", "matchCriteriaId": "98D01327-B65C-4FE2-8BBE-98C3555CF8E0"}]}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2013179", "source": "[email protected]", "tags": ["Permissions Required"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2026-20/", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2026-23/", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}