Disclosed Chromium Security Bugs

Bypass of Secure Payment Confirmation dialog via Page.setSPCTransactionMode

#496426191Reporter: vm...@google.com
$0
7/9/2026

Potential Local Privilege Escalation in CECA net worker via retained supplementary groups on macOS

#497828892Reporter: vm...@google.com
$0
7/9/2026

Protocol handler hijacking via Page.setRPHRegistrationMode

#496373088Reporter: vm...@google.com
$0
7/9/2026

Potential web_accessible_resources bypass via missing TargetHandler::Session delegation

#495853686Reporter: vi...@google.com
$0
7/9/2026

Potential Renderer-to-GPU sandbox escape via OOB access in D3D12 AV1 encode driver

#497821764Reporter: vm...@google.com
$0
7/9/2026

Potential Cross-Origin GPU Texture Leak via ResourceIdGenerator Wraparound in Viz

#497486030Reporter: vm...@google.com
$0
7/9/2026

Potential Use-after-free in MediaFoundationVideoEncodeAccelerator via Windows MF callback

#497151750Reporter: rj...@google.com
$0
7/9/2026

TOCTOU in Skia SkPathData::Make leads to Heap OOB Read in GPU process

#496206134Reporter: vm...@google.com
$0
7/9/2026

COOP bypass via stale BFCached RFH token in RenderFrameHostManager::DidChangeOpener

#495802788Reporter: vm...@google.com
$0
7/9/2026

Persistent Cross-Device UXSS via Home Button Drag-and-Drop

#498417031Reporter: vm...@google.com
$0
7/9/2026
Showing 201-210 of 11332 bugs