A zero-day vulnerability in a fully-patched and most-current version of Mozilla Corp.’s Firefox could be exploited to crash the browser at the least, and at the worst, possibly introduce malicious code, a company warned Tuesday.

The bug, which first appeared on Mozilla’s Bugzilla listing a week ago on April 18, could be used by an attacker to crash Firefox by feeding it malformed JavaScript code.

Read more: Firefox Bug Could Be Serious