CVE-2026-9308 — Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with — CVE Database · The Intelligence Room