VYPR
patchPublished Jul 15, 2026· 1 source

Google Chrome and Mozilla Firefox Address Critical Vulnerabilities

Google Chrome 150 and Mozilla Firefox 152 have received critical security updates to patch newly discovered vulnerabilities, with public exploit code available for some Firefox flaws.

Google and Mozilla have independently released significant security updates for their respective web browsers, Chrome version 150 and Firefox version 152, to address a range of critical vulnerabilities.

Mozilla's update, Firefox 152.0.6, specifically targets two critical security defects. The company has warned that exploit code for both of these vulnerabilities has been made publicly available. These flaws are identified as CVE-2026-15718, an invalid pointer issue within the JavaScript WebAssembly component, and CVE-2026-15719, a site isolation vulnerability in the DOM Navigation component. While exploit code is public, Mozilla stated it is not aware of any active attacks exploiting these weaknesses in the wild.

Simultaneously, Google has rolled out Chrome 150, which includes patches for a total of 15 vulnerabilities. Among these are two critical use-after-free flaws affecting the Ozone component, tracked as CVE-2026-15764 and CVE-2026-15765. The update also resolves twelve high-severity bugs across various components, including Skia, Libyuv, HTML-in-Canvas, Linux Toolkit Theming, V8, Media, GPU, Core, and UI. These high-severity issues encompass a variety of weaknesses such as uninitialized use, heap buffer overflows, insufficient policy enforcement, inadequate validation of untrusted input, and further use-after-free vulnerabilities.

Google noted that only three of the fifteen vulnerabilities patched in Chrome were reported by external security researchers, with the majority being discovered internally by Google's own security teams. The company has not yet disclosed the bug bounty amounts awarded for these external reports. Similar to Mozilla's stance on Firefox, Google has not indicated any knowledge of these patched Chrome vulnerabilities being actively exploited in the wild.

The latest Chrome iteration is currently being distributed to users. For Windows and macOS, the update is available as versions 150.0.7871.124 and 150.0.7871.125. Linux users can expect version 150.0.7871.124. These updates are crucial for maintaining the security and integrity of users' browsing sessions against potential threats.

These browser updates highlight the ongoing cat-and-mouse game between software vendors and malicious actors. Even widely used and regularly updated software like web browsers remain targets for vulnerability discovery and exploitation. The availability of public exploit code, as seen with the Firefox flaws, significantly increases the potential risk, making timely patching a paramount concern for end-users and organizations alike.

Users are strongly advised to ensure their Chrome and Firefox browsers are updated to the latest versions to protect themselves from these newly addressed security risks. Regular updates are a fundamental aspect of cybersecurity hygiene, especially for software that serves as the primary gateway to the internet.

Synthesized by Vypr AI