Google and Mozilla this week launched Chrome and Firefox browser updates that deal with a number of high-severity vulnerabilities.
Google promoted Chrome 141 to the steady channel with 21 safety fixes, together with 12 for safety defects reported by exterior researchers, who earned a complete of $50,000 for his or her findings.
Two of the externally reported bugs, tracked as CVE-2025-11205 and CVE-2025-11206, are high-severity heap buffer overflow points impacting Chrome’s WebGPU and Video parts.
Google says it handed out a $25,000 bug bounty reward for the WebGPU flaw, which was reported by Atte Kettunen of OUSPG in early September.
Chrome 141 additionally resolves eight medium-severity vulnerabilities, together with side-channel data leakage points in Storage and Tab, inappropriate implementation bugs in Media and Omnibox, an out-of-bounds learn flaw in Media, and an off-by-one error within the V8 JavaScript engine.
The remaining two safety holes reported by exterior researchers are low-severity points affecting Chrome’s Storage element and the V8 engine.
The newest Chrome iteration is rolling out as model 141.0.7390.54 for Linux and as variations 141.0.7390.54/55 for Home windows and macOS. The patches had been additionally included in Chrome 141.0.7390.43 for Android.
Mozilla launched Firefox 143.0.3 this week with fixes for 2 high-severity defects within the Graphics and JavaScript Engine parts.Commercial. Scroll to proceed studying.
The Graphics flaw, tracked as CVE-2025-11152, is an integer overflow situation that would result in sandbox escape. The JavaScript Engine weak point, tracked as CVE-2025-11153, is described as a JIT miscompilation.
Neither Google nor Mozilla point out any of those vulnerabilities being exploited within the wild, however customers are suggested to replace their browsers as quickly as potential.
Associated: Chrome 140 Replace Patches Sixth Zero-Day of 2025
Associated: OpenSSL Vulnerabilities Permit Personal Key Restoration, Code Execution, DoS Assaults
Associated: AMTSO Releases Sandbox Analysis Framework
Associated: Safety is All over the place. Can Your Providers Hold Up?
