Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published.
The vulnerabilities are listed below –
- CVE-2026-15718, an invalid pointer in the JavaScript: WebAssembly component
- CVE-2026-15719, a site isolation in the DOM: Navigation component
“We are aware that exploit code for this is public, however we are not aware of any attacks in the wild abusing this flaw,” Mozilla said in an advisory. Both vulnerabilities have been addressed in Firefox version 152.0.6.
The release comes as Google shipped fixes for 15 security flaws, including two critical use-after-free bugs in Ozone (CVE-2026-15764 and CVE-2026-15765), a cross-platform abstraction layer that allows the browser to interact natively with various display servers and windowing systems. It supports Linux, ChromeOS, and Fuchsia.


Leave a Reply