Disclosed Chromium Security Bugs

SSRF and PNA Bypass via Path Traversal in cast-dial URLs during DIAL App Discovery

#499213367Reporter: vm...@google.com
$0
7/17/2026

GPU Process RCE via oversized Interface Block declaration in ANGLE

#499124128Reporter: vm...@google.com
$0
7/17/2026

Potential Data Race in CdmProxyImpl leading to UAF in MediaFoundationService

#499018355Reporter: vm...@google.com
$0
7/17/2026

Potential uninitialized memory disclosure in WebNN CoreML float16 tensors

#497926664Reporter: vm...@google.com
$0
7/17/2026

Potential UAF in ANGLE Vulkan backend via shared mRenderPassUsageFlags

#498782555Reporter: vm...@google.com
$0
7/17/2026

Site Isolation Bypass: Cross-Origin Hit-Test Oracle via ZoomToFindInPageRectInMainFrame

#496624084Reporter: vm...@google.com
$0
7/17/2026

PNA Bypass and Local Network CSRF via Presentation API (Wired Display)

#496555077Reporter: vm...@google.com
$0
7/17/2026

Integer overflow in ANGLE D3D11 compressed 3D texture deferred-init leads to heap OOB read in GPU process

#497896137Reporter: se...@gmail.com
$3,000
7/17/2026

Potential arbitrary file write/RCE via path traversal in FirmwareUpdateManager

#498788817Reporter: vm...@google.com
$0
7/17/2026

DCHECK failure in i < this ->context_local_count() in scope-info-tq-inl.inc

#500832296Reporter: 24...@project.gserviceaccount.com
$0
7/17/2026
Showing 21-30 of 11332 bugs