Disclosed Chromium Security Bugs

DevTools frontend leaks breakpoint history to any remote WebSocket server it connects to

#404000989Reporter: da...@gmail.com
$2,000
7/9/2025

V8 correctness failure in sources: d7

#401073454Reporter: 24...@project.gserviceaccount.com
$0
7/9/2025

CSP media-src bypass with HLS

#40092286Reporter: s....@gmail.com
$1,000
7/9/2025

The extension popup can appear over the PWA install prompt

#384068255Reporter: ch...@gmail.com
$500
7/9/2025

threetenbp:ThreetenbpFuzzer: Security exception in org.threeten.bp.format.DateTimeFormatterBuilder$CompositePrinterParser.parse

#42527027Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
7/8/2025

ffmpeg:ffmpeg_AV_CODEC_ID_VVC_fuzzer: Heap-buffer-overflow in hls_palette_coding

#421336912Reporter: 87...@developer.gserviceaccount.com
$0
7/8/2025

Insufficient fix for crbug/376625003 (local file read with chrome.devtools)

#406034851Reporter: ma...@gmail.com
$1,000
7/8/2025

ffmpeg:ffmpeg_SWS_fuzzer: Use-of-uninitialized-value in hScale8To19_c

#409078342Reporter: 87...@developer.gserviceaccount.com
$0
7/7/2025

tarantool:luaL_loadbuffer_fuzzer: Stack-buffer-overflow in snap_usedef

#408571331Reporter: 87...@developer.gserviceaccount.com
$0
7/7/2025

arrow:parquet-arrow-fuzz: Use-after-poison in parquet::PlainDecoder

#429645368Reporter: 87...@developer.gserviceaccount.com
$0
7/6/2025
Showing 191-200 of 8283 bugs
1...192021...829