Google, Mozilla, Microsoft, and Brave have each issued critical security patches, reports Stack Diary. The patches address a vulnerability that an attacker could use to gain access to or run malicious code on your computer, and the companies acknowledge it’s been actively exploited in the wild. NIST classifies the vulnerability as severe. Other companies’ applications are affected — the vulnerability is linked to code used to render WebP images, which are widely used.

The software version numbers containing the fix are below.

Stack Diary mentioned that Electron-based apps like encrypted-messaging app Signal and Bandisoft’s Honeyview have also released patches for the issue. Other apps, like Affinity, Gimp, LibreOffice, Telegram, many Android applications, and “cross-platform apps built with Flutter” are likewise affected, according to the site.