Google and Mozilla this week launched Chrome and Firefox browser updates that deal with a number of high-severity vulnerabilities.
Google promoted Chrome 141 to the steady channel with 21 security fixes, together with 12 for security defects reported by exterior researchers, who earned a complete of $50,000 for his or her findings.
Two of the externally reported bugs, tracked as CVE-2025-11205 and CVE-2025-11206, are high-severity heap buffer overflow points impacting Chrome’s WebGPU and Video elements.
Google says it handed out a $25,000 bug bounty reward for the WebGPU flaw, which was reported by Atte Kettunen of OUSPG in early September.
Chrome 141 additionally resolves eight medium-severity vulnerabilities, together with side-channel data leakage points in Storage and Tab, inappropriate implementation bugs in Media and Omnibox, an out-of-bounds learn flaw in Media, and an off-by-one error within the V8 JavaScript engine.
The remaining two security holes reported by exterior researchers are low-severity points affecting Chrome’s Storage part and the V8 engine.
The most recent Chrome iteration is rolling out as model 141.0.7390.54 for Linux and as variations 141.0.7390.54/55 for Home windows and macOS. The patches had been additionally included in Chrome 141.0.7390.43 for Android.
Mozilla launched Firefox 143.0.3 this week with fixes for 2 high-severity defects within the Graphics and JavaScript Engine elements.
The Graphics flaw, tracked as CVE-2025-11152, is an integer overflow situation that would result in sandbox escape. The JavaScript Engine weak spot, tracked as CVE-2025-11153, is described as a JIT miscompilation.
Neither Google nor Mozilla point out any of those vulnerabilities being exploited within the wild, however customers are suggested to replace their browsers as quickly as attainable.
