Disclosed Chromium Security Bugs

Potential OOB Read in aura::Window notifications via iterator invalidation

#498832921Reporter: vm...@google.com
$0
7/11/2026

Browser Process UAF in WebContentsImpl::EnterFullscreenMode

#498752242Reporter: vm...@google.com
$0
7/11/2026

Site Isolation bypass via ServiceWorkerForwardedRaceNetworkRequestURLLoaderFactory

#497437113Reporter: vm...@google.com
$0
7/11/2026

Potential: IWA Direct Sockets multicast spoofing via PNA and policy bypass

#497081987Reporter: vm...@google.com
$0
7/11/2026

Site Isolation bypass leaking Navigation API state to sandboxed frames

#496645205Reporter: vm...@google.com
$0
7/11/2026

Race condition in SharedStorageWorkletHost bypasses cross-origin opt-in check

#496380960Reporter: vm...@google.com
$0
7/11/2026

Information Leak via Incomplete Script Stripping in FrameSerializer (MHTML)

#499194407Reporter: vm...@google.com
$0
7/11/2026

Argument Injection/RCE in Linux Desktop Shortcuts via Unescaped %c

#499067529Reporter: vm...@google.com
$0
7/11/2026

Heap OOB Read in crabbyavif via incremental decode state loss and oversized slice

#497926602Reporter: vm...@google.com
$0
7/11/2026

Cross-origin response length and verification oracle via HLS EXT-X-KEY

#497722578Reporter: vm...@google.com
$0
7/11/2026
Showing 141-150 of 11332 bugs