Disclosed Chromium Security Bugs

OOB read in skia::BGRAConvolve2D

#417599694Reporter: vm...@gmail.com
$3,000
5/1/2026

Chrome Windows - PIP Window Displays Incorrect Origin When Domain Uses RTL Characters

#474948986Reporter: se...@gmail.com
$3,000
5/1/2026

CHECK failure: HeapConstant of kRepTaggedPointer (HeapConstant(ADDRESS {ADDRESS

#477645118Reporter: 24...@project.gserviceaccount.com
$0
5/1/2026

DCHECK failure in state_ == kRegallocInfo in maglev-ir.h

#476329375Reporter: 24...@project.gserviceaccount.com
$0
5/1/2026

assimp:assimp_fuzzer: Crash in void Assimp::Blender::ConvertDispatcher

#488752792Reporter: 87...@developer.gserviceaccount.com
$0
4/30/2026

ndpi:fuzz_ndpi_reader_pl7m_simplest: Heap-buffer-overflow in ___interceptor_strncpy

#507904196Reporter: 87...@developer.gserviceaccount.com
$0
4/30/2026

rdkit:smiles_string_to_mol_fuzzer: Bad-cast to RDKit::AtomRDKit::Canon::initCanonAtoms in RDKit::Canon::rankMolAtoms

#491506909Reporter: 87...@developer.gserviceaccount.com
$0
4/30/2026

binutils:fuzz_dwarf: Null-dereference READ in load_separate_debug_files

#507172933Reporter: 87...@developer.gserviceaccount.com
$0
4/30/2026

rdkit:smiles_string_to_mol_fuzzer: Use-of-uninitialized-value in RDKit::Chirality::cleanupStereoGroups

#491028577Reporter: 87...@developer.gserviceaccount.com
$0
4/30/2026

rdkit:smiles_string_to_mol_fuzzer: Bad-cast to RDKit::Atom from invalid vptr in RDKit::Canon::initCanonAtoms

#490937718Reporter: 87...@developer.gserviceaccount.com
$0
4/30/2026
Showing 291-300 of 10546 bugs
1...293031...1055