Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
Key Points:
- Mozilla has released Firefox version 152.0.6 to patch two critical vulnerabilities (CVE-2026-15718 and CVE-2026-15719), with public exploit code available but no known active attacks.
- Google addressed 15 security flaws in Chrome, including two critical use-after-free bugs in the Ozone component affecting Linux, patched in Chrome versions 150.0.7871.124/.125.
- Adobe issued security updates fixing 88 vulnerabilities across products like ColdFusion, Commerce, Experience Manager, and Illustrator, with several critical bugs enabling arbitrary code execution and privilege escalation.
- Broadcom fixed a critical authentication bypass vulnerability (CVE-2026-47865) in VMware Avi Load Balancer that could allow unauthorized access to the control plane, credited to a NATO Cyber Security Centre researcher.
- Although no active exploitation has been reported for these flaws, organizations are urged to promptly apply the latest patches to mitigate potential threats.