Disclosed Chromium Security Bugs

DCHECK failure in instr_->InputAt(index)->IsFPRegister() in code-generator-arm64.cc

#490183533Reporter: 24...@project.gserviceaccount.com
$0
6/13/2026

V8: Missing SBXCHECK in TypedArray same-type copy fast path (sandbox bypass)

#489633222Reporter: br...@gmail.com
$0
6/13/2026

DCHECK failure in 0 == level_ in mutex.cc

#489941769Reporter: 24...@project.gserviceaccount.com
$0
6/13/2026

Crash in v8::internal::CaptureSimpleStackTrace

#488943662Reporter: 24...@project.gserviceaccount.com
$0
6/13/2026

Maglev phi untag incorrectly treats tagged pointer as SMI

#489280531Reporter: ch...@gmail.com
$0
6/13/2026

binutils:fuzz_objdump_safe: Heap-buffer-overflow in bfd_getb32

#522397422Reporter: 87...@developer.gserviceaccount.com
$0
6/12/2026

njs:njs_process_script_fuzzer: Use-of-uninitialized-value in njs_utf8_decode

#523017645Reporter: 87...@developer.gserviceaccount.com
$0
6/12/2026

ogre:ogre_deep_fuzz: Heap-buffer-overflow in Ogre::VertexData::convertPackedColour

#522972651Reporter: 87...@developer.gserviceaccount.com
$0
6/12/2026

tarantool:msgpack_decode_test: Heap-buffer-overflow in small_asan_alloc

#514738865Reporter: 87...@developer.gserviceaccount.com
$0
6/12/2026

Sandboxed iframe bypasses allow-popups restriction via CreateNewWindow Mojo IPC — browser has zero sandbox enforcement

#487471101Reporter: os...@gmail.com
$0
6/12/2026
Showing 11-20 of 10721 bugs
1234...1073