Disclosed Chromium Security Bugs

V8 sandbox violation in v8::internal::Simulator::ExecuteInstruction

#488362583Reporter: 24...@project.gserviceaccount.com
$0
6/12/2026

gpac:fuzz_probe_analyze: Crash in avi_parse_input_file

#522061221Reporter: 87...@developer.gserviceaccount.com
$0
6/11/2026

.lnk File Download Bypass Using "Save As" Link (Bypass of #444803530)

#486079015Reporter: mu...@gmail.com
$0
6/11/2026

Security Regression: Trusted UI (Omnibox) fails to render/disappears due to CoordinatorLayout migration logic failure.

#484082189Reporter: mo...@gmail.com
$2,000
6/11/2026

V8 Sandbox Bypass: Use-After-Free in Intl.Segmenter BreakIterator

#472181383Reporter: vs...@gmail.com
$0
6/11/2026

Arbitrary Memory Read/Write via WebGLBuffer Created During Context Loss Combined with PBO Operations

#485935305Reporter: je...@gmail.com
$90,000
6/11/2026

Out-of-bounds heap read in VP9 encoder via WebCodecs VideoEncoder dimension reconfiguration -- VP9 merge

#489755020Reporter: jz...@google.com
$0
6/11/2026

Heap buffer overflow in ANGLE copyImageDataToBuffer

#486972661Reporter: oj...@gmail.com
$15,000
6/11/2026

CHECK failure: receiver_obj != ReadOnlyRoots(isolate()).arguments_marker() in frames.cc

#488042855Reporter: 24...@project.gserviceaccount.com
$0
6/11/2026

DCHECK failure in i < this ->context_local_count() in scope-info-tq-inl.inc

#489605205Reporter: 24...@project.gserviceaccount.com
$0
6/11/2026
Showing 31-40 of 10721 bugs
1...345...1073