Disclosed Chromium Security Bugs

Potential UAF in BrowserAccessibilityManager::OnAccessibilityEvents via nested message loop

#495247950Reporter: rj...@google.com
$0
7/14/2026

Potential Heap OOB Write in ChannelLayoutToAudioChannelLayout via CHANNEL_LAYOUT_5_1_4_DOWNMIX

#496607380Reporter: vi...@google.com
$0
7/14/2026

Potential RCE in GPU process via unsynchronized static mutation in GpuVideoEncodeAcceleratorFactory

#498352423Reporter: rj...@google.com
$0
7/14/2026

Potential Use-After-Free in Read Anything WebUI via unchecked AXTree::Unserialize

#498277368Reporter: vm...@google.com
$0
7/14/2026

Use-After-Free in MenuController::StartDrag via nested message loop

#497736679Reporter: vm...@google.com
$0
7/14/2026

UAF of WebNNTensorImpl via raw-pointer map across ThreadPool async boundary in CreateGraph

#496284085Reporter: re...@chromium.org
$0
7/14/2026

binutils:fuzz_readelf: Heap-buffer-overflow in process_object

#533502631Reporter: 87...@developer.gserviceaccount.com
$0
7/13/2026

freerdp:TestFuzzChannelRail: Heap-buffer-overflow in _wcsnlen

#533963816Reporter: 87...@developer.gserviceaccount.com
$0
7/13/2026

Potential Use-After-Free Write in TransientWindowManager via AutoReset

#499065126Reporter: vm...@google.com
$0
7/13/2026

Potential UAF write in GPU process via glBufferData OOM on Android

#498715368Reporter: vm...@google.com
$0
7/12/2026
Showing 121-130 of 11332 bugs