Particle.news
Download on the App Store
5 ARTICLES
·
4w ago

Google’s Chrome 137 Patches 11 Vulnerabilities; Mozilla Updates Firefox and Thunderbird

Fixes include a V8 memory patch setting the stage for similar releases from other Chromium-based browsers

Image
Image
Image

Overview

  • Google has released Chrome 137.0.7151.55/.56 for Windows and macOS and 137.0.7151.55 for Linux to address 11 security vulnerabilities.
  • Two flaws — a use-after-free bug in the compositing component (CVE-2025-5063) and an overflow error in the V8 JavaScript engine (CVE-2025-5280) — are rated high risk by Google.
  • An out-of-bounds memory error in Chrome’s V8 engine could allow remote code execution via crafted HTML content.
  • Mozilla has rolled out Firefox 139, its ESR update and Thunderbird patches to fix a critical libvpx library vulnerability alongside other security issues.
  • Other Chromium-based browsers including Microsoft Edge, Brave and Vivaldi are expected to follow with their own security updates.