Disclosed Chromium Security Bugs

Extensions can hijack Gemini in the browser webview process to perform PE attacks by abusing DNR permissions, allowing stealing prompts, PII leakage, unrestricted access to camera-microphone and more

#463155954Reporter: we...@gmail.com
$7,000
3/4/2026

gpsd:FuzzDriversStructured: Crash in decode_xa2_00

#488288258Reporter: 87...@developer.gserviceaccount.com
$0
3/3/2026

gpac:fuzz_probe_analyze: Heap-buffer-overflow in avi_parse_input_file

#488859051Reporter: 87...@developer.gserviceaccount.com
$0
3/3/2026

inchi:inchi_input_fuzzer: Invalid-free in FreeStrFromINChI

#487748543Reporter: 87...@developer.gserviceaccount.com
$0
3/3/2026

File picker dialog can be shown over on different tab when focused on it (on split view)

#444653104Reporter: sa...@gmail.com
$500
3/3/2026

CHECK failure: ValueRepresentationIs( raw_input->properties().value_representation(), NodeT::kI

#462853804Reporter: 24...@project.gserviceaccount.com
$0
3/3/2026

DCHECK failure in !IsTheHoleConstant(args.receiver()) in maglev-graph-builder.cc

#462477283Reporter: 24...@project.gserviceaccount.com
$0
3/3/2026

Bottom Minibar Fails to Display URL – Potential Phishing via Spoof Bar

#461532432Reporter: ch...@gmail.com
$2,000
3/3/2026

qemu:qemu-fuzz-i386-target-generic-fuzz-virtio-9p-synth: Heap-buffer-overflow in synth_name_to_path

#477990727Reporter: 87...@developer.gserviceaccount.com
$0
3/2/2026

Crash with empty stacktrace

#462729762Reporter: 24...@project.gserviceaccount.com
$0
3/2/2026
Showing 1-10 of 9745 bugs
1234...975