Skip to content

Security updates for high-severity flaws issued for Chrome, Firefox

  • by
  • 2 min read

Photo: In Green / Shutterstock.com

Google and Mozilla have issued security updates for their browsers, Chrome and Firefox, respectively, that address several high-severity memory safety vulnerabilities. Google issued an update for three vulnerabilities, while Mozilla patched 17 security bugs in its browser.

Out of the three vulnerabilities fixed by Google, two were reported by security researcher Shaheen Fazim earlier in July 2025. These flaws are tracked as CVE-2025-8010 and CVE-2025-8011 are type confusion bugs that affect the Chrome V8 JavaScript engine. Google paid out an $8000 reward for the first bug and has yet to determine the bounty amount for the second one.

Google’s security advisory doesn’t share any technical information about the vulnerabilities, claiming “access to bug details and links may be kept restricted until a majority of users are updated with a fix.” The latest version is rolling out as versions 138.0.7204.168/.169 for Windows and macOS, and version 138.0.7204.168 for Linux.

This is an image of firefox featured 1232

On the Firefox side of things, Mozilla issued 17 security fixes, including six that target high-severity security vulnerabilities in Firefox 141. Out of these, CVE-2025-8027 affects the browser’s JavaScript engine, and CVE-202508028 impacts arm64 architectures where entries in a specific instruction lead to “truncation and incorrect computation of the branch address” according to its security advisory.

The remaining four high-severity issues are tracked as CVE-2025-8044, CVE-2025-8034, CVE-2025-8040, and CVE-2025-8035 and are memory safety bugs that can lead to remote code execution if exploited. The medium and low severity vulnerabilities addressed in the update can cause URL truncation, sandbox bypasses, unwanted downloads, and code execution if properly exploited.

Mozilla has also released security updates for Thunderbird and Firefox ESR that address some of the aforementioned security bugs. Users are advised to update their Chrome and Firefox installations to the latest available versions as soon as possible.

In the News: Chinese hackers are exploiting Microsoft SharePoint zero-day bugs in widespread attacks

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

Related Reads

This is an image of dark web hacker security

Security flaw in Dahua CCTVs allows remote access

This is an image of python windows featured

Hackers are targeting Python developers with fake PyPI sites

This is an image of apple featured 2323424823

Apple patches Safari bug; Already exploited in Chrome

This is an image of dark web hacker security

Vibe coding platform breach exposes corporate apps

This is an image of dark web hacker security

Fake apps are stealing data blackmailing users on Asian mobile networks

This is an image of ransomware 32988sd

FBI collects dues from Chaos ransomware gang; $2.4 million in crypto seized

>