Disclosed Chromium Security Bugs

Arbitrary browser-initiated navigation via unvalidated Web App Migration API manifest

#496276216Reporter: vm...@google.com
$0
7/7/2026

Extension access to passkeys (webauthn) bypasses runtime_blocked_hosts enterprise policy

#494341321Reporter: ro...@robwu.nl
$2,000
7/7/2026

Unbounded page dimensions in SkMultiPictureDocument lead to DoS in PrintCompositor

#496526419Reporter: vm...@google.com
$0
7/7/2026

Potential Cross-Origin Password Generation Poisoning in ChromePasswordManagerClient

#497632199Reporter: rj...@google.com
$0
7/7/2026

Potential Browser Process Double-Free via Race Condition in OutputStreamWriteOperation

#497531263Reporter: vm...@google.com
$0
7/7/2026

Permission Spoofing/Bypass via Missing Scheme Check in ChromePermissionsClient

#497008295Reporter: vm...@google.com
$0
7/7/2026

Microphone permission bypass via TOCTOU in SpeechRecognitionManagerDelegate

#497007825Reporter: vm...@google.com
$0
7/7/2026

Sandbox Escape: Premature RenderFrameDeleted via spoofed DidUnloadRenderFrame during inner delegate attach

#496463315Reporter: vm...@google.com
$0
7/7/2026

Potential Use-After-Free in ImageDownloaderImpl::ContextDestroyed

#497649372Reporter: rj...@google.com
$0
7/7/2026

WebUSB bug bypasses Chromium's protected USB class restrictions, giving any webpage unrestricted access to USB devices.

#489711638Reporter: ar...@gmail.com
$2,000
7/7/2026
Showing 271-280 of 11332 bugs