Disclosed Chromium Security Bugs

ANGLE BlitGL copySubTextureCPUReadback Controlled Heap Overflow via Unsynchronized PACK_ROW_LENGTH

#490170083Reporter: ci...@gmail.com
$90,000
7/7/2026

Potential firewall hole leak in FirewallHoleDelegate via concurrent UDP socket requests

#496382601Reporter: vm...@google.com
$0
7/7/2026

CHECK failure: scope_info->HasOuterScopeInfo() in maglev-graph-builder.cc

#497565437Reporter: 24...@project.gserviceaccount.com
$0
7/7/2026

DCHECK failure in Holder v8::internal::TrustedCast(Holder, SourceLocation) [To = v8::int

#497629984Reporter: 24...@project.gserviceaccount.com
$0
7/7/2026

DCHECK failure in IsJSGlobalProxy(value) in js-objects-tq-inl.inc

#497505520Reporter: 24...@project.gserviceaccount.com
$0
7/7/2026

Use-After-Free in PowerVR Driver (libIMGegl.so) via Transform Feedback Resource Binding Race Condition

#480788630Reporter: ha...@gmail.com
$0
7/7/2026

Potential SameSite=Lax CSRF via unvalidated vc_issuance_endpoint in FedCM

#495786857Reporter: vi...@google.com
$0
7/7/2026

Potential Stack Information Leak in gfx::GenerateAmbientViewingEnvironment

#497527002Reporter: vm...@google.com
$0
7/7/2026

DCHECK failure in i < this ->context_local_count() in scope-info-tq-inl.inc

#497215789Reporter: 24...@project.gserviceaccount.com
$0
7/6/2026

CHECK failure: !scope_info.HasOuterScopeInfo() implies d + 1 == depth in maglev-graph-builder.c

#497330273Reporter: 24...@project.gserviceaccount.com
$0
7/6/2026
Showing 281-290 of 11332 bugs