Disclosed Chromium Security Bugs

v8_module_generation_all_fuzztest: Crash in Builtins_JSToWasmWrapperAsm

#453769899Reporter: 24...@project.gserviceaccount.com
$0
1/29/2026

gdal:libertiff: Heap-buffer-overflow in PackBitsDecode

#475896268Reporter: 87...@developer.gserviceaccount.com
$0
1/28/2026

gdal:gdal_fuzzer: Heap-buffer-overflow in m_zero_block

#478301093Reporter: 87...@developer.gserviceaccount.com
$0
1/28/2026

mpv:fuzzer_set_property_MPV_FORMAT_STRING_1: Use-of-uninitialized-value in initFilter

#478301104Reporter: 87...@developer.gserviceaccount.com
$0
1/28/2026

mpv:fuzzer_set_property_MPV_FORMAT_STRING_1: Segv on unknown address in yuv2rgb4_X_c

#478212631Reporter: 87...@developer.gserviceaccount.com
$0
1/28/2026

thrift-java:RoundtripJSONFuzzer: Security exception in org.apache.thrift.fuzz.RecursiveStruct$RecursiveStructStandardScheme.read

#478005963Reporter: 87...@developer.gserviceaccount.com
$0
1/28/2026

Out-of-bound read in the jmp table of ActiveMediaSessionController leads to sandbox escape.

#453094710Reporter: bl...@gmail.com
$250,000
1/28/2026

cctest/test-inobject-slack-tracking/SubclassTypedArrayBuiltinNoInlineNew starts flaking

#355120682Reporter: ma...@google.com
$0
1/28/2026

Debug check failed: Holder v8::internal::TrustedCast

#451750214Reporter: qi...@gmail.com
$0
1/28/2026

Crash in Builtins_CEntry_Return1_ArgvOnStack_NoBuiltinExit

#446962918Reporter: 24...@project.gserviceaccount.com
$0
1/28/2026
Showing 1201-1210 of 10808 bugs
1...120121122...1081