Ruarí Ødegaard @ruario@vivaldi.net
Public

I see that Brendan Eich from Brave is out lying about @Vivaldi again. He claims that Brave was pretty much the first out with a fix for CVE-2025-14174 and that Vivaldi still has not released a fix.

AFAIK we were actually first because we released 7.7.3862.88 (Android) based on 142.0.7444.237 from the Extended Support Release branch at 13:00 UTC (and for Desktop [7.7.3851.61] one hour later) on the 10th of December (the day before Brave and even before Chrome), which includes a fix for CVE-2025-14174. However since that CVE was not being publicly discussed yet, it was not initially listed in the changelog.

I have updated the Desktop announcement to mention the CVE now. Here it is:

vivaldi.com/blog/desktop/minor

Also FWIW my Masto bot which tracks various desktop browser updates announced us here:

social.vivaldi.net/@browserver

That bot has a sibling that looks at Vivaldi only releases (all platforms), which caught the Android release:

social.vivaldi.net/@vivaldiver

And here is when it detected the Brave annoucement, more than a day later:

social.vivaldi.net/@browserver

0
0
2

If you have a fediverse account, you can quote this note from your own instance. Search https://social.vivaldi.net/users/ruario/statuses/115711283431190976 on your instance and quote it. (Note that quoting is not supported in Mastodon.)

0
0
0
0
0
0