Disclosed Chromium Security Bugs

Trap in Builtins_GeneratorPrototypeNext

#477971110Reporter: 24...@project.gserviceaccount.com
$0
5/6/2026

DCHECK failure in use_count_ > 0 in maglev-ir.h

#478252842Reporter: 24...@project.gserviceaccount.com
$0
5/6/2026

grok:grk_decompress_fuzzer: Heap-buffer-overflow in grk::N_AVX2::DecompressRev::transform

#509208894Reporter: 87...@developer.gserviceaccount.com
$0
5/5/2026

graphicsmagick:coder_HEIC_fuzzer: Use-of-uninitialized-value in residual_coding

#494799445Reporter: 87...@developer.gserviceaccount.com
$0
5/5/2026

graphicsmagick:coder_MP4_fuzzer: Use-of-uninitialized-value in parse_sps_for_hvcC_configuration

#509055554Reporter: 87...@developer.gserviceaccount.com
$0
5/5/2026

mruby:mruby_fuzzer: Heap-use-after-free in mrb_vformat

#507421848Reporter: 87...@developer.gserviceaccount.com
$0
5/5/2026

fluent-bit:flb-it-fuzz-cmetrics_decode_fuzz_OSSFUZZ: Segv on unknown address in cfl_sds_len

#496106106Reporter: 87...@developer.gserviceaccount.com
$0
5/5/2026

Chrome (Windows): Opening download “demo. txt” executes sibling “demo. txt.exe” (object-level target confusion / unsafe Shell fallback)

#476862276Reporter: li...@gmail.com
$0
5/5/2026

CHECK failure: isolate_ == isolate in isolate-group.h

#478009691Reporter: 24...@project.gserviceaccount.com
$0
5/5/2026

V8 sandbox violation with empty stacktrace

#453899603Reporter: sa...@google.com
$0
5/5/2026
Showing 251-260 of 10546 bugs
1...252627...1055