Disclosed Chromium Security Bugs

Integer Overflow in ElementsUploadDataStream Leading to HTTP Request Smuggling

#497450574Reporter: vm...@google.com
$0
7/8/2026

Renderer navigation bypass to privileged schemes via client_side_redirect_url

#497365545Reporter: vm...@google.com
$0
7/8/2026

ProtectedMemory bypass for MojoJS via runtime-enabled feature string iteration gadget

#497250399Reporter: vm...@google.com
$0
7/8/2026

Cross-origin resource fetch bypass in WebUI webview script injection

#496016840Reporter: vm...@google.com
$0
7/8/2026

Potential UAF in RTCPeerConnectionHandler via dangling WebLocalFrame pointer

#497695401Reporter: rj...@google.com
$0
7/8/2026

3PCD bypass via incorrect site_for_cookies in OSDD fetch

#496626029Reporter: vm...@google.com
$0
7/8/2026

Unauthorized desktop capture via missing URL validation in ReconnectPresentation

#496399759Reporter: vm...@google.com
$0
7/8/2026

SSRF via unvalidated DIAL Application Instance URL

#496298665Reporter: vm...@google.com
$0
7/8/2026

Potential uninitialized memory use in AXPlatformNodeWin header cell getters

#498201025Reporter: vm...@google.com
$0
7/8/2026

DCHECK failure in Holder v8::internal::TrustedCast(Holder, SourceLocation) [To = v8::int

#497946219Reporter: 24...@project.gserviceaccount.com
$0
7/8/2026
Showing 241-250 of 11332 bugs