Disclosed Chromium Security Bugs

freeradius:fuzzer_xlat: Use-after-poison in dict_by_protocol_substr

#514425793Reporter: 87...@developer.gserviceaccount.com
$0
5/21/2026

TOCTOU in NdkVideoEncodeAccelerator: shared memory re-read after write allows attacker-controlled bitstream parsing

#483109205Reporter: lu...@icloud.com
$0
5/21/2026

Chrome sandbox escape via libGLESv2_powervr.so

#474266014Reporter: ha...@gmail.com
$32,000
5/21/2026

Maglev Phi Untag Incorrectly Uses Type Information, Leading to Type Confusion

#482261044Reporter: hu...@gmail.com
$3,000
5/21/2026

llvm:llvm-opt-fuzzer--x86_64-loop_vectorize: Use-of-uninitialized-value in llvm::VPMultiDefValue::~VPMultiDefValue

#515100087Reporter: 87...@developer.gserviceaccount.com
$0
5/20/2026

graphicsmagick:coder_HEIF_fuzzer: Heap-buffer-overflow in vvdec_push_data2

#513690227Reporter: 87...@developer.gserviceaccount.com
$0
5/20/2026

ghostscript:gs_device_tiffsep1_fuzzer: Crash in image_simple_expand

#513927623Reporter: 87...@developer.gserviceaccount.com
$0
5/20/2026

mruby:mruby_fuzzer: Heap-buffer-overflow in mrb_ary_splice

#512517699Reporter: 87...@developer.gserviceaccount.com
$0
5/20/2026

Use dawn workgroup zero init fallback for pixel 10

#479242793Reporter: pe...@google.com
$0
5/20/2026

Security: Compromised renderer can read files through file picker dialog with kSave mode + prefilled filename

#435684924Reporter: al...@alesandroortiz.com
$2,000
5/20/2026
Showing 91-100 of 10546 bugs
1...91011...1055