Shaheen Fazim

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 146.0.7680.165 **Description** A use-after-free issue in the FedCM feature of Google Chrome could allow a remote attacker to execute arbitrary code within a sandbox through a specially crafted HTML page. **Recommendations** Update Google Chrome to version 146.0.7680.165 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 146.0.7680.153 **Description** A use-after-free issue exists in the Extensions component of Google Chrome. This flaw could allow an attacker to convince a user to install a malicious extension, potentially leading to heap corruption through a crafted Chrome Extension. **Recommendations** Update Google Chrome to version 146.0.7680.153 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 145.0.7632.75/76 and 144.0.7559.75 (Linux) **Description** Google Chrome has a high-severity use-after-free vulnerability (CVE-2026-2441) in the CSS engine that is actively exploited in the wild. This flaw allows attackers to execute arbitrary code inside the browser sandbox via a crafted HTML page. The vulnerability is related to CSS font feature values processing and can be triggered by visiting a malicious webpage. A public proof-of-concept (PoC) exploit is available. The vulnerability affects all Chromium-based browsers. **Recommendations** Update Google Chrome to version 145.0.7632.75 or later on Windows and macOS, or to version 144.0.7559.75 or later on Linux. Restart the browser after applying the update.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 145.0.7632.45 **Description** A flaw exists in the PictureInPicture functionality of Google Chrome. This issue could allow a remote attacker to perform UI spoofing by convincing a user to interact with a specially crafted HTML page through specific UI gestures. The security severity is rated as Medium. **Recommendations** Update Google Chrome to version 145.0.7632.45 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 143.0.7499.147 **Description** A flaw exists in the V8 component of Google Chrome that could allow a remote attacker to exploit heap corruption. This is due to an out-of-bounds read and write condition triggered by a specially crafted HTML page. The security severity is rated as High. **Recommendations** Update Google Chrome to version 143.0.7499.147 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 141 Firefox ESR versions prior to 115.26 Firefox ESR versions prior to 128.13 Firefox ESR versions prior to 140.1 Thunderbird versions prior to 141 Thunderbird versions prior to 128.13 Thunderbird versions prior to 140.1 **Description** The JavaScript engine did not handle closed generators correctly, potentially leading to a `nullptr` dereference when resuming them. **Recommendations** Update Firefox to version 141 or later. Update Firefox ESR to version 115.26 or later. Update Firefox ESR to version 128.13 or later. Update Firefox ESR to version 140.1 or later. Update Thunderbird to version 141 or later. Update Thunderbird to version 128.13 or later. Update Thunderbird to version 140.1 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 138.0.7204.168 Microsoft Edge versions prior to 138.0.7204.168 Chromium versions prior to 138.0.7204.168 Chromium in Debian versions prior to 138.0.7204.168-1~deb12u1 **Description** A type confusion issue exists in the V8 JavaScript engine component used in Google Chrome, Microsoft Edge, and Chromium browsers. This issue could allow a remote attacker to potentially exploit heap corruption by crafting a malicious HTML page. Exploitation of this issue may lead to denial of service or, potentially, arbitrary code execution. The vulnerability is related to errors in data type conversion within the V8 engine. **Recommendations** Google Chrome versions prior to 138.0.7204.168: Upgrade to version 138.0.7204.168 or later. Microsoft Edge versions prior to 138.0.7204.168: Upgrade to version 138.0.7204.168 or later. Chromium versions prior to 138.0.7204.168: Upgrade to version 138.0.7204.168 or later. Chromium in Debian versions prior to 138.0.7204.168-1~deb12u1: Upgrade to version 138.0.7204.168-1~deb12u1 or later.

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 138.0.7204.49 Description: The issue is related to insufficient policy enforcement in the Loader component, allowing a remote attacker to bypass content security policy via a crafted HTML page. This could potentially affect a significant number of devices worldwide, given the popularity of Google Chrome. Recommendations: For versions prior to 138.0.7204.49, update to version 138.0.7204.49 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 138.0.7204.157 **Description** An integer overflow in V8, the JavaScript engine used in Google Chrome, could allow a remote attacker to exploit heap corruption via a crafted HTML page. The Chromium security severity is rated as High. **Recommendations** Update Google Chrome to version 138.0.7204.157 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 139.0.4 **Description** An integer overflow occurred in the `OrderedHashTable` used by the JavaScript engine. **Recommendations** For versions prior to 139.0.4, update to version 139.0.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 136 **Description** A select option could partially obscure the confirmation prompt shown before launching external apps, potentially tricking a user into launching an external app unexpectedly. This issue only affects Android versions of Firefox. **Recommendations** For versions prior to 136, update to version 136 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Debian Linux (affected versions not specified) **Description** The issue is related to an integer overflow. It was reported by Shaheen Fazim. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 133 Thunderbird versions prior to 133 **Description** The issue is related to incorrect restriction of visualized user interface layers in Mozilla Firefox and Thunderbird on Android operating systems. This could allow a remote attacker to perform a tapjacking attack, potentially leading to users unknowingly approving the launch of external applications and exposing them to underlying vulnerabilities. Malicious websites may have exploited this to perform user intent confirmation through tapjacking. **Recommendations** For Firefox versions prior to 133, update to version 133 or later to resolve the issue. For Thunderbird versions prior to 133, update to version 133 or later to resolve the issue. As a temporary workaround, consider restricting access to external applications until a patch is available. Avoid using affected Firefox and Thunderbird versions on untrusted networks to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 133 Firefox ESR versions prior to 128.5 Thunderbird versions prior to 133 Thunderbird versions prior to 128.5 Description: The issue is related to incorrect restriction of visualized user interface layers, which could allow a remote attacker to conduct spoofing attacks. This could lead to user confusion and possible spoofing attacks by causing a select dropdown to be shown over another tab. Recommendations: For Firefox versions prior to 133, update to version 133 or later to resolve the issue. For Firefox ESR versions prior to 128.5, update to version 128.5 or later to resolve the issue. For Thunderbird versions prior to 133, update to version 133 or later to resolve the issue. For Thunderbird versions prior to 128.5, update to version 128.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 132 Firefox ESR versions prior to 128.4 Thunderbird versions prior to 128.4 Thunderbird versions prior to 132 **Description** The issue is related to a lack of confirmation of the source origin in the protocol handler prompt, which could be obscured using a data: URL within an `iframe`. This could potentially allow a remote attacker to gain unauthorized access to protected information. **Recommendations** For Firefox versions prior to 132, update to version 132 or later. For Firefox ESR versions prior to 128.4, update to version 128.4 or later. For Thunderbird versions prior to 128.4, update to version 128.4 or later. For Thunderbird versions prior to 132, update to version 132 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 139.0.7258.66 **Description** An inappropriate implementation in permissions within Google Chrome allows a remote attacker to perform UI spoofing through a specially crafted HTML page. The security severity is rated as low. **Recommendations** Update Google Chrome to version 139.0.7258.66 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 131 Firefox ESR versions prior to 128.3 Thunderbird versions prior to 128.3 Thunderbird versions prior to 131 **Description** The issue is related to a missing delay in the directory upload UI, which could allow an attacker to trick a user into granting permission via clickjacking. This could enable a remote attacker to conduct a clickjacking attack. **Recommendations** For Firefox versions prior to 131, update to version 131 or later to resolve the issue. For Firefox ESR versions prior to 128.3, update to version 128.3 or later to resolve the issue. For Thunderbird versions prior to 128.3, update to version 128.3 or later to resolve the issue. For Thunderbird versions prior to 131, update to version 131 or later to resolve the issue. As a temporary workaround, consider restricting access to the directory upload UI to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A flaw exists in Blink, a component of Google Chrome, that could allow a remote attacker to perform UI spoofing through a specially crafted HTML page. This issue is related to an incorrect security UI. Recommendations Update Google Chrome to version 147.0.7727.55 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 130.0.6723.58 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in the Permissions feature of Google Chrome and Microsoft Edge, allowing a remote attacker to perform UI spoofing via a crafted HTML page. This can be achieved by convincing a user to engage in specific UI gestures. The estimated number of potentially affected devices is not specified. **Recommendations** For Google Chrome versions prior to 130.0.6723.58, update to version 130.0.6723.58 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 130 **Description** The issue is related to the notification announcing the transition to fullscreen mode in Firefox on Android. Multiple prompts and panels from both Firefox and the Android OS could be used to obscure this notification, potentially leading to spoofing of the browser UI if the user is distracted by the sudden appearance of a prompt. The notifications now use the Android Toast feature. This issue only affects Firefox on Android, with other operating systems being unaffected. **Recommendations** For versions prior to 130, update to Firefox version 130 or later to resolve the issue. As a temporary workaround, consider being cautious when multiple prompts appear, ensuring to notice any visual transitions to fullscreen mode. Restricting the use of fullscreen mode until the update can also minimize the risk of exploitation.