Disclosed Chromium Security Bugs

htmlunit:HtmlParserFuzzer: Security exception in org.htmlunit.cyberneko.HTMLTagBalancer.endElement

#499447433Reporter: 87...@developer.gserviceaccount.com
$0
5/6/2026

c-blosc2:decompress_frame_fuzzer: Use-of-uninitialized-value in get_coffset

#506457939Reporter: 87...@developer.gserviceaccount.com
$0
5/6/2026

kimageformats:kimgio_jxr_fuzzer: Use-of-uninitialized-value in JXRHandlerPrivate::readTextMeta

#506459935Reporter: 87...@developer.gserviceaccount.com
$0
5/6/2026

open62541:fuzz_mdns_xht: Heap-buffer-overflow in txt2sd

#510115700Reporter: 87...@developer.gserviceaccount.com
$0
5/6/2026

Bypass for console.log %c formatter url filter

#474670215Reporter: re...@gmail.com
$1,000
5/6/2026

Improper eliding of data uri causes URL spoofing in preview page.

#421690383Reporter: x4...@gmail.com
$0
5/6/2026

PIP Origin Attribution Missing When Triggered from `about:blank` via Injected JavaScript

#475238879Reporter: se...@gmail.com
$0
5/6/2026

V8 perf profiling follows symlinks and overwrites arbitrary files (perf-.map/jit-.dump) using 0666 open without O_NOFOLLOW

#474951825Reporter: na...@gmail.com
$0
5/6/2026

V8 Sandbox Bypass: Referencing non-shared heap data across isolates leads to UAF -> AAW/PC control

#444865195Reporter: kr...@gmail.com
$20,000
5/6/2026

[wasm][fast-api] Race between background compilation and NativeModule teardown could lead to UAF

#467705366Reporter: pi...@gmail.com
$0
5/6/2026
Showing 241-250 of 10546 bugs
1...242526...1055