Disclosed Chromium Security Bugs

User Activation Bypass via HTMLMediaElement::RequestPlay and System Audio Focus Resume

#497548558Reporter: vm...@google.com
$0
7/10/2026

Browser-process UAF in BrowsingDataRemoverImpl prerender-cache loop via synchronous destruction of new-tab prerender WebContents

#497053588Reporter: vm...@google.com
$0
7/10/2026

webnn_graph_impl_fuzzer_WebNNGraphImplFuzzer_SingleOpConv2d_fuzzer: Crash in xnn_xx_fill_ukernel__sse2_u64

#498553267Reporter: 24...@project.gserviceaccount.com
$0
7/10/2026

Crash in skcms_private::hsw::clut

#498652131Reporter: 24...@project.gserviceaccount.com
$0
7/10/2026

Bad-cast to const View from content::NavigationURLLoaderImpl in views::View::Contains

#498549576Reporter: 24...@project.gserviceaccount.com
$0
7/10/2026

DOM XSS and Trusted Types bypass in streamHTML via invalid SanitizerConfig

#497655906Reporter: vm...@google.com
$0
7/10/2026

CORS preflight bypass for forbidden headers via whitespace normalization mismatch

#498408346Reporter: vm...@google.com
$0
7/10/2026

Use-After-Free in EventListenerMap::RemoveListenersForProcess via MDnsAPI reentrancy

#497977591Reporter: vm...@google.com
$0
7/10/2026

Potential stealth remote desktop takeover on ChromeOS via compromised CRD extension renderer

#497541219Reporter: vm...@google.com
$0
7/10/2026

webnn_graph_impl_fuzzer_WebNNGraphImplFuzzer_SingleOpConv2d_fuzzer: Crash in tflite::Subgraph::InvokeImpl

#498651557Reporter: 24...@project.gserviceaccount.com
$0
7/10/2026
Showing 181-190 of 11332 bugs