Chromium Security Bugs

Signal SIGTRAP in v8

#400052777Reporter: ki...@gmail.com
$55,000
6/11/2025

v8_wasm_deopt_fuzzer: Crash in v8::internal::WasmFrame::Iterate

#400093649Reporter: 24...@project.gserviceaccount.com
$0
6/10/2025

V8 sandbox violation due to concurrent ArrayBuffer modifications during std::sort

#385775375Reporter: v8...@gmail.com
$5,000
6/10/2025

Vulnerability: Yaml text/template use is detected affecting rpc://chromium/infra%2Finfra%2Fgo%2Fsrc%2Finfra

#398817531Reporter: au...@google.com
$0
6/10/2025

V8 Sandbox Bypass: OOB write in JsonStringifier::TrySerializeSimplePropertyKey

#398773898Reporter: v8...@gmail.com
$5,000
6/7/2025

V8 sandbox violation in icu_74::UnicodeString::doAppend

#393989622Reporter: v8...@gmail.com
$5,000
6/7/2025

debugger/debug/wasm/debug-enabled-tier-down-wasm-streaming starts flaking

#399002829Reporter: ma...@chromium.org
$0
6/6/2025

CHECK failure: it != map_.end() in register-allocator-verifier.cc

#396460489Reporter: 24...@project.gserviceaccount.com
$0
6/6/2025

Security: Bypass the Protection of input fields cache (Autofill) ,and Autofill popup can be made hidden

#40068001Reporter: el...@gmail.com
$1,000
6/6/2025

Permission element inner span height of 100% can be abused if no element in the parent chain has any height set.

#398803201Reporter: an...@google.com
$0
6/6/2025
Showing 101-110 of 8152 bugs
1...101112...816