#Mozilla has disclosed a critical security vulnerability, CVE-2024-9680, affecting #Firefox and Firefox ESR, which is actively being exploited. The flaw is a "use-after-free" bug in the Animation timeline component, allowing attackers to execute code in the browser's content process. Security researcher Damien Schaeffer from #ESET identified the issue, which has been fixed in Firefox 131.0.2, Firefox ESR 128.3.1, and Firefox ESR 115.16.1. Although details about real-world exploitation are limited, users are advised to update their browsers immediately to protect against potential attacks.
