Mozilla has released security updates to fix two critical vulnerabilities in its Firefox browser, which could allow attackers to access sensitive data or execute malicious code. These vulnerabilities were exploited as zero-days at Pwn2Own Berlin, impacting all affected Firefox versions. #Mozilla #Firefox
Keypoints
- The security updates address two out-of-bounds vulnerabilities in Firefox, identified as CVE-2025-4918 and CVE-2025-4919.
- Exploiting these flaws could lead to memory corruption, sensitive data access, or remote code execution.
- Both vulnerabilities were demonstrated and exploited during the Pwn2Own Berlin hacking contest.
- Researchers Edouard Bochin, Tao Yan, and Manfred Paul contributed to discovering and reporting these flaws.
- Users are strongly encouraged to update their Firefox browser to the latest version to mitigate potential threats.
Read More: https://thehackernews.com/2025/05/firefox-patches-2-zero-days-exploited.html