CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Vulnerabilities

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

The two browser updates resolve 26 security defects, including bugs that could be exploited for code execution. The post Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

Chrome and Firefox vulnerabilities

Google and Mozilla on Tuesday announced the release of Chrome 144 and Firefox 147 with patches for a total of 26 vulnerabilities.

Chrome 144 was rolled out to the stable channel with fixes for 10 security defects, including three high-severity bugs.

Two of the high-severity flaws affect V8, the browser’s JavaScript and WebAssembly engine: CVE-2026-0899 is an out-of-bounds memory access issue, while CVE-2026-0900 is an inappropriate implementation weakness.

The third high-severity vulnerability, CVE-2026-0901, is an inappropriate implementation bug in Blink.

The fresh Chrome release also resolves four medium-severity flaws and three low-severity defects in V8, Downloads, Digital Credentials, Network, Split View, and ANGLE.

Google says it handed out $18,500 in bug bounty rewards for six of these vulnerabilities, but has yet to disclose the amounts for the remaining four.

The latest Chrome iteration is now rolling out as version 144.0.7559.59 for Linux and as versions 144.0.7559.59/60 for Windows and macOS.

Mozilla on Tuesday released Firefox 147 with patches for 16 security defects, including seven high-severity issues.

Four of the high-severity bugs are sandbox escape flaws impacting the browser’s Graphics and Messaging System components. The remaining three include a mitigation bypass in DOM, a use-after-free issue in IPC, and memory safety bugs that could lead to remote code execution.

The Firefox update also resolves five medium-severity vulnerabilities and three low-severity defects in Networking, JavaScript Engine, JavaScript: GC, Graphics, XML, and DOM. Multiple medium-severity memory safety bugs tracked together under the same CVE were also addressed.

On Tuesday, Mozilla also released Firefox ESR 140.7 and Firefox ESR 115.32 with patches for many of the flaws resolved in Firefox 147.

Google and Mozilla make no mention of any of these vulnerabilities being exploited in the wild, but users are advised to update their browsers as soon as possible.

Related: Google Patches Mysterious Chrome Zero-Day Exploited in the Wild

Related: Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Related: Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases

Related: GhostPoster Firefox Extensions Hide Malware in Icons

Latest News

CYBERNEWSMEDIAPublisher