Disclosed Chromium Security Bugs

DCHECK failure in Holder v8::internal::TrustedCast(Holder, SourceLocation) [To = v8::int

#465459516Reporter: 24...@project.gserviceaccount.com
$0
3/12/2026

V8 correctness failure in sources: b6

#464965404Reporter: 24...@project.gserviceaccount.com
$0
3/12/2026

DCHECK failure in Holder v8::internal::TrustedCast(Holder, SourceLocation) [To = v8::int

#465474033Reporter: 24...@project.gserviceaccount.com
$0
3/12/2026

DCHECK failure in Holder v8::internal::TrustedCast(Holder, SourceLocation) [To = v8::int

#465488602Reporter: 24...@project.gserviceaccount.com
$0
3/12/2026

V8: OOB memmove in FixedArray::MoveElements triggered via Array.shift leads to negative-size copy

#464459404Reporter: am...@gmail.com
$5,000
3/12/2026

V8 Sandbox Bypass: AAW/PC control via dispatch entry UAF during InstantiateAsmJs by hijacking start

#462217236Reporter: kr...@gmail.com
$20,000
3/12/2026

Integer Overflow leading to Buffer Overflow in tiny_ssim

#412867398Reporter: da...@gmail.com
$0
3/11/2026

glslang:compile_fuzzer: Heap-buffer-overflow in glslang::HlslGrammar::acceptDeclaration

#42528461Reporter: mo...@clusterfuzz-external.iam.gserviceaccount.com
$0
3/11/2026

radare2:ia_fuzz: Heap-buffer-overflow in dotnet_parse_version_info

#467965779Reporter: 87...@developer.gserviceaccount.com
$0
3/11/2026

V8 correctness failure in sources: 62

#464323255Reporter: 24...@project.gserviceaccount.com
$0
3/11/2026
Showing 221-230 of 10084 bugs
1...222324...1009