Firefox and Chrome Vulnerable to Cyber Threats, NCERT Warns

NCERT is warning that Firefox and Chrome are vulnerable to serious viruses and cyberattacks

The National Council of Educational Research and Training (NCERT) has issued an urgent advisory (NCA-29.052225) warning users about vulnerabilities discovered in the latest versions of Mozilla Firefox and Google Chrome browsers. These flaws are actively being exploited in the wild, posing a significant threat of serious viruses and cyberattacks.

The advisory highlights that Firefox vulnerabilities were demonstrated during the Pwn2Own hacking contest. A high-impact flaw in Chrome’s WebAssembly implementation also poses a serious risk. The widespread use of these browsers makes these vulnerabilities a significant threat to individual users and enterprise systems.

Several critical zero-day vulnerabilities have been reported, with active exploitation confirmed. These vulnerabilities enable attackers to execute arbitrary code, compromise browser sessions, steal sensitive user data, and deploy malware through crafted content or web-based exploits.

Organizations and individuals are strongly urged to apply available patches and implement mitigation immediately.

Attackers can execute malicious JavaScript or binary payloads. They can also get unauthorized access, exploits can lead to malware deployment or system control. There is a risk of leakage of credentials, sensitive user input, or stored web data.

The advisory outlines specific CVE IDs for the vulnerabilities:

CVE ID	Browser	Description
CVE-2025-4918, CVE-2025-4919	Mozilla Firefox	Critical flaws exploited during the Pwn2Own contest, enabling RCE through malicious JavaScript and bypassing JIT compiler protections.
CVE-2025-4644	Google Chrome	A high-severity vulnerability in the WebAssembly (Wasm) module enables cross-origin data access and potential session/data theft.