Disclosed Chromium Security Bugs

Heap Out-of-Bounds Write in RTCRtpSender::setParameters

#496266456Reporter: so...@gmail.com
$0
7/4/2026

ARM64 V8 Backend OOB via incorrect 32-bit index zero-extension in MemoryOperand

#496301615Reporter: rj...@google.com
$0
7/4/2026

Potential SharedDictionary partition bypass via stale isolation key on navigation redirect

#496231853Reporter: vi...@google.com
$0
7/4/2026

EnterFullscreen() bypasses fullscreen Permissions Policy via missing browser-side check

#488514078Reporter: os...@gmail.com
$2,000
7/4/2026

Heap Buffer Over-Read in OpenH264 Encoder Due to U/V Stride Mismatch

#491655161Reporter: je...@gmail.com
$3,000
7/4/2026

Potential negation overflow in HarfBuzz reverse_cursive_minor_offset leading to OOB access

#496302307Reporter: rj...@google.com
$0
7/4/2026

DCHECK failure in Holder v8::internal::TrustedCast(Holder, SourceLocation) [To = v8::int

#496627235Reporter: 24...@project.gserviceaccount.com
$0
7/4/2026

Heap-buffer-overflow in PDFium via integer overflow in bundled lcms2 ICC CLUT allocation

#496618639Reporter: se...@gmail.com
$3,000
7/4/2026

Heap-Use-After-Free in GraphiteCacheController

#485683119Reporter: fa...@gmail.com
$0
7/4/2026

CHECK failure: scope_info->HasOuterScopeInfo() in maglev-graph-builder.cc

#496855011Reporter: 24...@project.gserviceaccount.com
$0
7/4/2026
Showing 301-310 of 11332 bugs