Firefox 150.0.2 maintenance release is now available. This release addresses 27 vulnerabilities, with 10 vulnerabilities categorized under CVE-2026-8093 and 16 under CVE-2026-8092. The vulnerabilities are related to memory handling issues such as buffer overflows and access to already freed memory areas. These flaws could potentially allow attackers to execute malicious code by tricking users into visiting specially crafted websites. All identified vulnerabilities have been rated as High.
Additionally, Mozilla has released a report on their testing of the Firefox codebase using the Claude Mythos AI model. The use of Mythos has enhanced vulnerability identification, error detection, and correction processes. Compared to previous models like GPT 4 and Sonnet 3.5, Mythos has shown a significant reduction in false positives. In April alone, Mozilla addressed 423 vulnerabilities in Firefox, with 271 vulnerabilities discovered using Claude Mythos. Out of these, 180 were considered high-risk, 80 moderate, and 11 low-risk.
Some of the non-security fixes included in Firefox 150.0.2 are:
- Fixed a problem preventing the correct functioning of web cameras during video calls.
- Resolved a bug causing internal or corporate network sites to display a blank