Disclosed Chromium Security Bugs

V8 Sandbox Bypass: UAF in Temporal.PlainDate.prototype.with

#480122167Reporter: er...@gmail.com
$5,000
5/14/2026

Cross-origin iframe captures dragenter, dragleave, events when behind other elements

#409972635Reporter: ka...@yeticgi.com
$0
5/14/2026

mruby:mruby_fuzzer: Index-out-of-bounds in parse_decimal

#509389641Reporter: 87...@developer.gserviceaccount.com
$0
5/13/2026

mruby:mruby_fuzzer: Heap-use-after-free in str_new

#509912907Reporter: 87...@developer.gserviceaccount.com
$0
5/13/2026

matio:matio_struct_cell_fuzzer: Heap-buffer-overflow in Mat_VarGetCellsLinear

#511531637Reporter: 87...@developer.gserviceaccount.com
$0
5/13/2026

mpv:fuzzer_protocol_edl: Stack-buffer-overflow in autoload_external_files

#512622269Reporter: 87...@developer.gserviceaccount.com
$0
5/13/2026

md4c:fuzz-mdhtml: Global-buffer-overflow in md_start_new_block

#512429152Reporter: 87...@developer.gserviceaccount.com
$0
5/13/2026

md4c:fuzz-mdhtml: Use-after-poison in md_build_attribute

#512429151Reporter: 87...@developer.gserviceaccount.com
$0
5/13/2026

[Merge M145] Use dawn workgroup zero init fallback for pixel 10

#479805873Reporter: ch...@google.com
$0
5/13/2026

Improper handling of side-effects of CopyFastSmiOrObjectElements in LateLoadElimination leads to a fake object / arbitrary write primitive

#480438199Reporter: bj...@neodyme.io
$11,000
5/13/2026
Showing 171-180 of 10546 bugs
1...171819...1055