Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

Posted on By CWS

Google and Mozilla on Tuesday introduced the discharge of Chrome 144 and Firefox 147 with patches for a complete of 26 vulnerabilities.

Chrome 144 was rolled out to the secure channel with fixes for 10 safety defects, together with three high-severity bugs.

Two of the high-severity flaws have an effect on V8, the browser’s JavaScript and WebAssembly engine: CVE-2026-0899 is an out-of-bounds reminiscence entry subject, whereas CVE-2026-0900 is an inappropriate implementation weak point.

The third high-severity vulnerability, CVE-2026-0901, is an inappropriate implementation bug in Blink.

The contemporary Chrome launch additionally resolves 4 medium-severity flaws and three low-severity defects in V8, Downloads, Digital Credentials, Community, Break up View, and ANGLE.

Google says it handed out $18,500 in bug bounty rewards for six of those vulnerabilities, however has but to reveal the quantities for the remaining 4.Commercial. Scroll to proceed studying.

The newest Chrome iteration is now rolling out as model 144.0.7559.59 for Linux and as variations 144.0.7559.59/60 for Home windows and macOS.

Mozilla on Tuesday launched Firefox 147 with patches for 16 safety defects, together with seven high-severity points.

4 of the high-severity bugs are sandbox escape flaws impacting the browser’s Graphics and Messaging System elements. The remaining three embrace a mitigation bypass in DOM, a use-after-free subject in IPC, and reminiscence security bugs that might result in distant code execution.

The Firefox replace additionally resolves 5 medium-severity vulnerabilities and three low-severity defects in Networking, JavaScript Engine, JavaScript: GC, Graphics, XML, and DOM. A number of medium-severity reminiscence security bugs tracked collectively beneath the identical CVE have been additionally addressed.

On Tuesday, Mozilla additionally launched Firefox ESR 140.7 and Firefox ESR 115.32 with patches for most of the flaws resolved in Firefox 147.

Google and Mozilla make no point out of any of those vulnerabilities being exploited within the wild, however customers are suggested to replace their browsers as quickly as attainable.

Associated: Google Patches Mysterious Chrome Zero-Day Exploited within the Wild

Associated: Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Associated: Firefox 145 and Chrome 142 Patch Excessive-Severity Flaws in Newest Releases

Associated: GhostPoster Firefox Extensions Conceal Malware in Icons

Security Week News Tags:, , , ,

Related Posts

Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift Security Week News
SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available Security Week News
Personal Information of 33.7 Million Stolen From Coupang Security Week News
Exploited CrushFTP Zero-Day Provides Admin Access to Servers Security Week News
SesameOp Malware Abuses OpenAI API  Security Week News
F5 to Acquire CalypsoAI for $180 Million Security Week News