466/68 Friday, November 14, 2025
Google and Mozilla have released their latest security updates for the Chrome and Firefox browsers, addressing several high-severity vulnerabilities. In the Chrome 142 update, Google patched CVE-2025-13042, an inappropriate implementation issue in the V8 JavaScript engine. Although specific technical details have not yet been disclosed, the flaw could potentially lead to denial-of-service (DoS) attacks or remote code execution (RCE). The latest version of Chrome is now available for users on Linux, macOS, and Windows.
Mozilla has also released Firefox 145, which includes fixes for 16 vulnerabilities, 9 of which are rated high severity. Many of these issues involve graphics-related components, including Incorrect Boundary Conditions errors in WebGPU and WebAssembly, as well as JIT Miscompilation flaws in the JavaScript engine. Additionally, CVE-2025-13027 has been identified as a cluster of memory safety bugs affecting both Firefox 144 and Thunderbird 144.
Mozilla also issued updates for its enterprise releases:
- Firefox ESR 140.5, which patches 9 vulnerabilities, and
- Firefox ESR 115.30, which includes fixes for 4 additional issues.
Both Google and Mozilla confirmed that no in-the-wild exploitation has been observed so far. However, users and organizations are strongly encouraged to update to the latest browser versions immediately to reduce exposure to potential security threats.
