Mozilla has urgently patched two critical 0-day vulnerabilities in its popular web browser Firefox, both of which could allow remote attackers to execute malicious code on user systems.
The flaws, tracked as CVE-2025-4918 and CVE-2025-4919, were disclosed on May 17, 2025, and are addressed in Firefox version 138.0.4. Security experts are strongly advising all users to update immediately, as active exploitation in the wild is likely.
https://gbhackers.com/critical-firefox-0-day-flaws/