Android Firefox Sandbox Escape Vulnerability

CVE-2026-8945 is a sandbox escape vulnerability affecting Firefox and Firefox Focus on Android devices, rated as high severity (CVSS 7.5). Sandbox escapes are particularly dangerous because they allow attackers to break out of the restricted execution environment designed to contain untrusted code, potentially gaining access to system resources, user data, and other sensitive information. This vulnerability affects Android users who rely on Firefox as their primary browser, putting millions of devices at risk until they update to version 151 or later. The vulnerability is mapped to CWE-693 (Protection Mechanism Failure), indicating a fundamental breakdown in the security boundary that isolates browser processes from the underlying operating system.

While this CVE currently shows zero matching Casky skills due to its very recent discovery and lack of mapped MITRE ATT&CK techniques, the underlying attack patterns would typically involve Defense Evasion and Privilege Escalation techniques. Security practitioners using Casky's extended reasoning capabilities should look for behavioral indicators including: unusual process creation or inter-process communication attempts from browser contexts, attempts to access filesystem paths outside the expected sandbox boundaries, and privilege escalation activities following browser exploitation. Organizations should prioritize patching Firefox and Firefox Focus to version 151 immediately, monitor for exploitation attempts in network logs, and leverage Casky's expanding skill library to correlate sandbox escape indicators with other MITRE ATT&CK techniques as threat intelligence on this vulnerability matures.