Disclosed Chromium Security Bugs

SSRF and PNA Bypass in WebAuthn via challenge_url

#497609145Reporter: rj...@google.com
$0
7/17/2026

Potential GPU OOB Read via BufferManager Target Bypass and Shadow Desync

#498727111Reporter: rj...@google.com
$0
7/17/2026

iOS Chrome download origin spoof: spoofing downloaded file as it's from any legitimate site via data: URI

#394997959Reporter: pr...@gmail.com
$2,000
7/17/2026

Info Leak: Dawn LazyClearRenderPassAttachments ignores 3D texture depthSlice

#500087204Reporter: vm...@google.com
$0
7/17/2026

Vulkan VUID violation via Dawn internal usage validation bypass

#500140111Reporter: vm...@google.com
$0
7/17/2026

Potential UAF in Dawn Metal completion handler via race condition during Queue destruction

#497969820Reporter: vm...@google.com
$0
7/17/2026

Permissions-Policy bypass for Storage Access via spoofed navigation status

#498417152Reporter: vm...@google.com
$0
7/17/2026

Potential authorization bypass allowing web pages to send Cast platform commands

#497203741Reporter: vm...@google.com
$0
7/17/2026

Renderer can spoof tab audibility to bypass Auto-PiP gate via OnUseAudioServiceChanged

#496617698Reporter: vm...@google.com
$0
7/17/2026

Potential Data Race / UAF in GpuServiceImpl::GetShaderPrefixKey

#500079715Reporter: vm...@google.com
$0
7/17/2026
Showing 11-20 of 11332 bugs