
GOOGLE and Mozilla have released updates for Chrome version 150 and Firefox version 152, addressing a batch of newly disclosed security flaws that could allow attackers to execute arbitrary code on affected systems according to a SecurityWeek report. The Chrome update resolves twenty seven vulnerabilities, while the Firefox update patches two medium‑severity issues that have public exploit code available. Users are urged to apply the patches promptly to reduce the risk of compromise.
Firefox 152 fixes CVE‑2026-15718 and CVE‑2026-15719, each rated CVSS 4.3 and 5.4 respectively, with the Mozilla advisory noting that both flaws reside in the JavaScript engine and could be triggered by visiting a specially crafted web page as detailed in the MFSA2026‑67 notice. Although classified as medium severity, the availability of public exploit code raises the likelihood of opportunistic attacks. Successful exploitation could lead to memory corruption and give an attacker the same privileges as the browser process.