Disclosed Chromium Security Bugs

Cross-origin PDF placeholder download misclassified as browser-initiated request

#481882038Reporter: po...@gmail.com
$1,000
5/30/2026

Compromised renderer can spoof trusted browser UI via PopupWidgetHost

#424995036Reporter: fo...@gmail.com
$0
5/30/2026

IntersectionObserver's visibility check can be bypassed through SVG filters

#430198264Reporter: re...@gmail.com
$4,000
5/30/2026

ANGLE Vulkan reinitImageAsRenderable uint32 Overflow causes GPU OOB Write

#485622239Reporter: ci...@gmail.com
$33,000
5/30/2026

v8_wasm_compile_wasmgc_fuzzer: Crash in v8::internal::WasmFrame::Iterate

#486007234Reporter: 24...@project.gserviceaccount.com
$0
5/30/2026

sentencepiece:trainer_fuzzer: Segv on unknown address in sentencepiece::unigram::Lattice::Viterbi

#508357777Reporter: 87...@developer.gserviceaccount.com
$0
5/29/2026

Audio player's download functionality allows bypassing the "allow-downloads" flag of sandboxed iframes

#40064543Reporter: he...@gmail.com
$1,000
5/29/2026

Unblocked :// Characters on `data:text`origin value lead to File Source Origin Spoofing

#419921726Reporter: fr...@gmail.com
$0
5/29/2026

Mini bar not rendering when omnibox is hidden on Pixel 8 and 9

#479122455Reporter: ch...@gmail.com
$1,000
5/29/2026

Authorization Bypass in Target.exposeDevToolsProtocol via Missing Early Return

#485287859Reporter: oj...@gmail.com
$4,000
5/29/2026
Showing 11-20 of 10546 bugs
1234...1055