Disclosed Chromium Security Bugs

CHECK failure: !map_word.IsForwardingAddress() in heap-verifier.cc

#426072084Reporter: 24...@project.gserviceaccount.com
$0
9/27/2025

AppBound Decryption with Padding Oracle Attack

#382234536Reporter: ar...@gmail.com
$0
9/26/2025

libxslt: Type confusion in xmlNode.psvi between stylesheet and source nodes

#413080347Reporter: am...@chromium.org
$0
9/26/2025

libxslt: heap-use-after-free in xmlFreeID caused by `atype` corruption

#414858409Reporter: dc...@chromium.org
$0
9/26/2025

gpac:fuzz_probe_analyze: Heap-buffer-overflow in inspect_process

#447084960Reporter: 87...@developer.gserviceaccount.com
$0
9/26/2025

javaparser:parseFuzzer: Security exception in com.github.javaparser.ast.expr.FieldAccessExpr.accept

#433180087Reporter: 87...@developer.gserviceaccount.com
$0
9/26/2025

V8 Sandbox Bypass: UB V8HeapExplorer::GetSystemEntryName leads to OOB write

#425122187Reporter: vs...@gmail.com
$1,000
9/25/2025

v8_wasm_compile_all_fuzzer: Segv on unknown address in Builtins_JSToWasmWrapperAsm

#419323068Reporter: 24...@project.gserviceaccount.com
$0
9/25/2025

qt:qtbase_network_ssl_qsslcertificate_qsslcertificate_pem: Bad-cast to QObject from invalid vptr in QFactoryLoader::~QFactoryLoader

#446992686Reporter: 87...@developer.gserviceaccount.com
$0
9/24/2025

User can still unknowingly allow Permission Prompt Hidden behind PiP during Interaction

#373794472Reporter: fa...@gmail.com
$500
9/24/2025
Showing 11-20 of 8555 bugs
1234...856