The National Cyber Security Agency in Qatar is warning Adobe users to urgently apply patches following the disclosure of vulnerabilities in Mozilla’s Firefox and Thunderbird, but did not mention other affected browsers. The vulnerability (CVE-2023-4863, CVSS 8.8) is a critical heap buffer overflow in the WebP library that allows remote code execution, which affects three versions of Firefox and two Thunderbird releases.

Source: Dark Reading: Cloud