Disclosed Chromium Security Bugs

DCHECK failure in !IsUndefined(*queue, isolate) in isolate.cc

#499043868Reporter: 24...@project.gserviceaccount.com
$0
7/11/2026

webnn_graph_impl_fuzzer_WebNNGraphImplFuzzer_CPU_SingleOpPool2d_fuzzer: Crash in tflite::Subgraph::InvokeImpl

#499126216Reporter: 24...@project.gserviceaccount.com
$0
7/11/2026

Use-After-Free in VerticalTabDragHandlerImpl::ContinueDrag via nested message loop

#495973592Reporter: vm...@google.com
$0
7/11/2026

Potential Parameter Injection in FedCM SendDisconnectRequest due to missing URL encoding

#497032290Reporter: rj...@google.com
$0
7/11/2026

flyway:LocationFuzzer: Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal

#530322176Reporter: 87...@developer.gserviceaccount.com
$0
7/10/2026

llvm:llvm-opt-fuzzer--x86_64-dse: New-delete-type-mismatch in std::__1::vector

#533298000Reporter: 87...@developer.gserviceaccount.com
$0
7/10/2026

OOB Read via Unclamped sample_index in Multisampled textureLoad

#497975608Reporter: vm...@google.com
$0
7/10/2026

Use-After-Free in HTMLFormattingElementList::SwapTo via adoption agency bookmark

#496298136Reporter: rj...@google.com
$0
7/10/2026

Integer overflow in tint::RoundUp and dawn::Align bypasses workgroup storage limits

#497580681Reporter: vm...@google.com
$0
7/10/2026

Potential cross-origin GPU memory disclosure via missing ValidateBeginAccess in D3DImageBacking

#496395450Reporter: vm...@google.com
$0
7/10/2026
Showing 151-160 of 11332 bugs