Chromium Security Bugs

heap-use-after-free in blink::LegacyDOMSnapshotAgent::VisitNode

#395032416 Reporter: as...@gmail.com
$3,000
6/5/2025

Passing HeapNumbers to runtime functions is unsafe

#397187119 Reporter: ma...@chromium.org
$0
6/5/2025

Security UI Bypass - Response Injection in Chrome Devtools AI Assistance - links are not sanitized

#395406957 Reporter: ci...@gmail.com
$1,000
6/5/2025

OOB read in JsonStringifier::SerializeString

#398999390 Reporter: ze...@gmail.com
$2,000
6/5/2025

Vulnerability: Upgrade @babel/traverse to 7.23.2 in GoB repo chromium/infra/infra/go/src/infra

#398735336 Reporter: au...@google.com
$0
6/5/2025

CHECK failure: !is_on_heap() in heap-refs.cc

#399173688 Reporter: 24...@project.gserviceaccount.com
$0
6/5/2025

Vulnerability: Upgrade deep-extend to 0.5.1 in GoB repo chromium/infra/infra/go/src/infra

#398734447 Reporter: au...@google.com
$0
6/5/2025

Vulnerability: Upgrade immer to 9.0.6 in GoB repo chromium/infra/infra/go/src/infra

#398735550 Reporter: au...@google.com
$0
6/5/2025

Always used bounded ranges (i.e., string_view) for strings parsed from the histogram shared memory region.

#393394360 Reporter: ro...@google.com
$0
6/5/2025

V8 Maglev improper folded allocation handling (leading to memory safety issues)

#398065918 Reporter: rz...@excello.cz
$7,000
6/4/2025
Showing 111-120 of 8152 bugs