Disclosed Chromium Security Bugs

Path traversal using \.. causes sourceMappingURL to still load UNC paths on Windows

#468027781Reporter: o....@gmail.com
$2,000
3/24/2026

wamr:wamr_fuzz_llvm_jit: Null-dereference READ in execute_post_instantiate_functions

#479872443Reporter: 87...@developer.gserviceaccount.com
$0
3/23/2026

vlc:vlc-demux-dec-libfuzzer: Heap-use-after-free in mkv::SegmentSeeker::mkv_jump_to

#471686753Reporter: 87...@developer.gserviceaccount.com
$0
3/23/2026

vlc:vlc-demux-dec-libfuzzer-mkv: Heap-use-after-free in mkv::SegmentSeeker::mkv_jump_to

#475335813Reporter: 87...@developer.gserviceaccount.com
$0
3/23/2026

fluent-bit:flb-it-fuzz-cmetrics_decode_fuzz_OSSFUZZ: Segv on unknown address in cfl_sds_len

#484082566Reporter: 87...@developer.gserviceaccount.com
$0
3/23/2026

vlc:vlc-demux-dec-libfuzzer-mkv: Heap-buffer-overflow in mkv::matroska_segment_c::TrackInit

#475261418Reporter: 87...@developer.gserviceaccount.com
$0
3/23/2026

wamr:wamr_fuzz_llvm_jit: Null-dereference READ in os_thread_wrapper

#475856303Reporter: 87...@developer.gserviceaccount.com
$0
3/23/2026

wamr:wamr_fuzz_llvm_jit: Null-dereference READ in wasm_runtime_invoke_native

#492014646Reporter: 87...@developer.gserviceaccount.com
$0
3/23/2026

quickjs:fuzz_compile: Use-of-uninitialized-value in js_create_function

#471075808Reporter: 87...@developer.gserviceaccount.com
$0
3/23/2026

DCHECK failure in load->load_type() == LoadType::kSmi in maglev-phi-representation-selector.cc

#468486035Reporter: 24...@project.gserviceaccount.com
$0
3/23/2026
Showing 341-350 of 10310 bugs
1...343536...1031