Software 44526 Published by

Zen Browser 1.21.5b has launched, patching high-severity memory safety vulnerabilities inherited from Firefox 152.0.4. The update also resolves lingering UI quirks, including broken context menus on overflowing add-ons and unresponsive copy, paste, and undo shortcuts. Marking its 176th release since debuting in July 2024, the open-source project continues to push rapid iterations of its Arc-inspired, Gecko-based interface. Users looking for a non-Chromium alternative should update immediately to close the security gap.



Zen Browser 1.21.5b Lands, Patching High-Severity Memory Safety Bugs

The Firefox fork also fixes shortcut issues and overflowing addon menus.

Zen Browser 1.21.5b is out now, and the headline grabber is a CVE. The update ships with Firefox 152.0.4 under the hood, closing out a set of high-impact memory safety vulnerabilities that Mozilla’s fuzzing team traced back to the 152.0.3 release. Some of those bugs showed real memory corruption. With enough effort, arbitrary code execution wasn't exactly off the table.

Beyond the security patch, Zen is clearing out a couple of lingering UI quirks. Overflowing add-ons no longer break their context menus, which directly addresses the complaint logged in issue. Shortcuts were silently dead in those panels before this build, which is the kind of bug that drives power users crazy.

Screenshot_from_2025_03_19_09_16_46

The Maintenance Race Continues

This drop marks the 176th release from the Zen team since the project launched in July 2024. The pace hasn't slowed down, and the repository now sits at roughly 43,000 GitHub stars. Zen has carved out a solid niche as an Arc-inspired productivity browser that runs on the Gecko engine instead of Chromium. Vertical tabs, workspaces, split view, and a modular add-on store are all there. The whole pitch is a calmer internet, free of Google code, with the customization layer people actually want.

Head here to grab the new build across Windows, macOS, and Linux.

Memory safety patches are a fact of life for any browser built on Firefox's codebase, though. Mozilla updates the engine constantly, and Zen has to repackage, test, and ship those changes while juggling its own feature roadmap. The fact that the team is patching high-severity memory corruption within days of upstream disclosure says something about their workflow, even if the Gecko stack inevitably passes the baton. If you're currently on 1.21.4b, the update is a no-brainer. If you're still running an older build, you're sitting on a patch that's been sitting around far too long.