Disclosed Chromium Security Bugs
←Back to DashboardFrameState: polymorphic Wasm accessor lazy deopt type confusion lead to in-sandbox corruption
$10,000
7/8/2026
GPU memory information leak via premature SetInitialized in BlitTextureToBuffer
$0
7/8/2026
ChromeDriver Argument Sanitization Bypass — Positional Argument Injection
$500
7/8/2026
Potential RCE in Browser Process via out-of-bounds read in MediaSessionImpl
$0
7/8/2026
Integer overflow in ANGLE D3D11 TextureStorage11::setData() leads to heap buffer overflow via WebGL2
$5,000
7/8/2026
Potential Use-After-Free in TargetHandler::AutoAttacherDestroyed
$0
7/8/2026
Potential Use-After-Free and Double Free in MojoVideoDecoder::Stop()
$0
7/8/2026
Potential Privilege Escalation via Unvalidated target_tree_id in Reading Mode
$0
7/8/2026
Potential unauthenticated Expat DTD parsing in CRD signaling via libjingle_xmpp
$0
7/8/2026
heap-buffer-overflow in ANGLE VertexArrayVk::convertVertexBufferCPU
$16,000
7/8/2026