CHROME 147 and Firefox 150 security updates are rolling out, with Google and Mozilla addressing multiple memory-safety vulnerabilities. The Chrome 147 update, now shipping as version 147.0.7727.137/138 for Windows and macOS and 147.0.7727.137 for Linux, includes 30 security fixes, four of which are critical-use-after-free defects tracked as CVE-2026-7363, CVE-2026-7361, CVE-2026-7344, and CVE-2026-7343.
The majority of the remaining 26 flaws are memory-safety bugs, including 16 high-severity use-after-free issues, with additional high-severity out-of-bounds, buffer overflow, and type-confusion fixes. Google says it awarded $30,000 in bug bounty rewards for four resolved defects, including a highest payout of $16,000 for a use-after-free issue in the GPU component.
Meanwhile, Mozilla announced Firefox 150.0.1, which fixes four defects including memory-safety bugs tracked as CVE-2026-7322, CVE-2026-7323, CVE-2026-7324, and CVE-2026-7320, with fixes also included in Firefox ESR 140.10.1 and 115.35.1.