Disclosed Chromium Security Bugs

DCHECK failure in checked_value() == nullptr || (!IsConstantNode(checked_value()->opcode()) && IsC

#458608439Reporter: 24...@project.gserviceaccount.com
$0
2/14/2026

mojo_js_in_process_fuzzer: Heap-use-after-free in DigitalIdentityProviderDesktop::Create

#458082926Reporter: 24...@project.gserviceaccount.com
$0
2/14/2026

V8 Sandbox Bypass: CppHeapPointerTag kDOMWrappersTag used across various different types

#457372605Reporter: ml...@google.com
$0
2/14/2026

grok:grk_decompress_fuzzer: Heap-buffer-overflow in std::__1::__invoke_result_impl

#483928520Reporter: 87...@developer.gserviceaccount.com
$0
2/13/2026

CHECK failure: ValueRepresentationIs( raw_input->properties().value_representation(), NodeT::kI

#458009694Reporter: 24...@project.gserviceaccount.com
$0
2/13/2026

DCHECK failure in HasOutputRegister(target) in maglev-graph-builder.h

#457887901Reporter: 24...@project.gserviceaccount.com
$0
2/13/2026

Use-after-poison in v8::internal::maglev::MaglevFrameTranslationBuilder::BuildDeoptFrameSingleValue

#458024244Reporter: 24...@project.gserviceaccount.com
$0
2/13/2026

libplist:bplist_fuzzer: Heap-buffer-overflow in parse_bin_node_at_index

#467517003Reporter: 87...@developer.gserviceaccount.com
$0
2/12/2026

fluent-bit:flb-it-fuzz-cmetrics_decode_fuzz_OSSFUZZ: Heap-buffer-overflow in cmt_mpack_consume_uint_tag

#472785094Reporter: 87...@developer.gserviceaccount.com
$0
2/12/2026

DCHECK failure in HasOutputRegister(target) in maglev-graph-builder.h

#457880083Reporter: 24...@project.gserviceaccount.com
$0
2/12/2026
Showing 1081-1090 of 10808 bugs
1...108109110...1081