Disclosed Chromium Security Bugs

openexr:openexr_exrcorecheck_fuzzer: Crash in ojph::local::avx2_rev_convert

#479257428Reporter: 87...@developer.gserviceaccount.com
$0
2/24/2026

Extensions can run JS on any privileged origin by exploiting already-patched vulnerabilities under devtools:// scheme.

#439058242Reporter: le...@gmail.com
$4,000
2/24/2026

Vulnerability: Insecure usage of .NET. Central Package Management disabled or deprecated project format. affecting rpc://chromium/chromium%2Fchromium

#454767153Reporter: au...@google.com
$0
2/24/2026

ffmpeg:ffmpeg_AV_CODEC_ID_JPEG2000_DEC_fuzzer: Use-of-uninitialized-value in jpegNUMBER_bitbuf_refill_backwards

#482494999Reporter: 87...@developer.gserviceaccount.com
$0
2/23/2026

assimp:assimp_fuzzer: Segv on unknown address in aiAnimation::~aiAnimation

#483188619Reporter: 87...@developer.gserviceaccount.com
$0
2/23/2026

assimp:assimp_fuzzer: Heap-buffer-overflow in ___interceptor_strtol

#476180586Reporter: 87...@developer.gserviceaccount.com
$0
2/22/2026

apache-poi:POIHSSFFuzzer: Security exception in POIHSSFFuzzer

#486483562Reporter: 87...@developer.gserviceaccount.com
$0
2/22/2026

apache-poi:POIHSLFFuzzer: Security exception in org.apache.poi.ddf.EscherRecord.serialize

#485091380Reporter: 87...@developer.gserviceaccount.com
$0
2/22/2026

libical:libicalvcard_fuzzer: Segv on unknown address in icalarray_append

#481635423Reporter: 87...@developer.gserviceaccount.com
$0
2/22/2026

Security: site isolation bypass: Cross-origin URL disclosure via OnReceiveRedirect

#40095391Reporter: if...@google.com
$0
2/22/2026
Showing 1001-1010 of 10782 bugs
1...100101102...1079