https://www.bleepingcomputer.com/news/security/mozilla-warns-windows-users-of-critical-firefox-sandbox-escape-flaw/

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems.

Tracked as CVE-2025-2857, this flaw is described as an "incorrect handle could lead to sandbox escapes" and was reported by Mozilla developer Andrew McCreight.