Security News > 2025 > May > Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards
2025-05-19 10:37
Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below - CVE-2025-4918 - An out-of-bounds access vulnerability when resolving Promise objects that could allow an
News URL
https://thehackernews.com/2025/05/firefox-patches-2-zero-days-exploited.html
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-17 | CVE-2025-4918 | Unspecified vulnerability in Mozilla Firefox An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. | 0.0 |