Disclosed Chromium Security Bugs

CHECK failure: (value & uint64_t{ADDRESS}) != unexpected || (value & uint64_t{ADDRESS}) == uint

#424653424Reporter: 24...@project.gserviceaccount.com
$0
10/18/2025

qemu:qemu-fuzz-i386-target-generic-fuzz-e1000: Stack-buffer-overflow in eNUMBER_receive_iov

#432364226Reporter: 87...@developer.gserviceaccount.com
$0
10/15/2025

Download origin spoofing using malformed data url.

#421511847Reporter: x4...@gmail.com
$5,000
10/15/2025

V8 Sandbox Bypass: Arbitrary code execution via interpreter-to-baseline OSR Code type confusion

#429703123Reporter: se...@gmail.com
$20,000
10/15/2025

Permission element inner div with style -webkit-text-stroke-width: thick;font-weight: bolder; can be abused if no element in the parent chain has any -webkit-text-stroke-width: thick;font-weight: bolder; are set.

#429440615Reporter: sa...@gmail.com
$0
10/15/2025

DCHECK failure in (thread_graph_labeller) == nullptr in maglev-graph-labeller.cc

#429645383Reporter: 24...@project.gserviceaccount.com
$0
10/15/2025

CHECK failure: ValueRepresentationIs(input->properties().value_representation(), NodeT::kInputT

#430125749Reporter: 24...@project.gserviceaccount.com
$0
10/15/2025

DCHECK failure in base::FPU::GetFlushDenormals() == isolate->flush_denormals() in local-isolate.cc

#429761781Reporter: 24...@project.gserviceaccount.com
$0
10/15/2025

quickjs:fuzz_compile: Use-of-uninitialized-value in JS_DefineProperty

#449772271Reporter: 87...@developer.gserviceaccount.com
$0
10/12/2025

blink_gif_decoder_fuzzer: CHECK failure: frame.GetStatus() == ImageFrame::kFrameInitialized || frame.GetStatus() == Image

#428754691Reporter: 24...@project.gserviceaccount.com
$0
10/12/2025
Showing 161-170 of 8821 bugs
1...161718...883