
Security firm Tipping Point revealed on Wednesday that it received the report via its Zero Day Initiative service shortly after the browser made its much-publicized debut.
The company is not currently releasing the name of the researcher who discovered the flaw, nor is it disclosing any details on the vulnerability until a patch is prepared. However, the flaw is categorized as a critical vulnerability that could allow an attacker to remotely execute code on a user's computer.
Tipping point said that it had sent the report to Mozilla and that developers were currently working on a fix for the flaw. The company plans to disclose further details on the nature of the vulnerability once a patch has been issued.
No attacks targeting the vulnerability in the wild have been reported.
Security firms F-Secure and Secunia both recommend that users mitigate risk from the vulnerability by following best practices such as avoiding suspicious links and steering clear of untrusted sites.