Disclosed Chromium Security Bugs

kimageformats:kimgio_jxr_fuzzer: Use-of-uninitialized-value in JXRHandlerPrivate::imageSize

#505659849 Reporter: 87...@developer.gserviceaccount.com
$0
4/25/2026

Security: heap-use-after-free in v8::Isolate::SuppressMicrotaskExecutionScope::~SuppressMicrotaskExe

#471257336 Reporter: zh...@gmail.com
$11,000
4/25/2026

V8 sandbox violation in Builtins_InterpreterEntryTrampoline

#458679939 Reporter: 24...@project.gserviceaccount.com
$0
4/25/2026

binutils:fuzz_addr2line: Crash in z80_elf_16_be_reloc

#505028216 Reporter: 87...@developer.gserviceaccount.com
$0
4/24/2026

metadata-extractor:ImageMetadataReaderFuzzer: Security exception in com.drew.imaging.riff.RiffReader.processChunks

#368076876 Reporter: 87...@developer.gserviceaccount.com
$0
4/24/2026

V8 Sandbox Bypass: OOB Write using %TypedArray%.prototype.set due to element type/size TOCTOU

#435630461 Reporter: kr...@gmail.com
$7,000
4/24/2026

V8 Sandbox Bypass: AAW due to JSArrayBuffer extension handle double fetch

#464296297 Reporter: h3...@gmail.com
$20,000
4/24/2026

Potential parameter count mismatch via `SharedFunctionInfoRef::GetBytecodeArray()`

#462288596 Reporter: is...@chromium.org
$0
4/24/2026

lua:string_len_test: Crash in arena_for_chunk

#505242510 Reporter: 87...@developer.gserviceaccount.com
$0
4/23/2026

libvips:vips_fuzzer: Heap-buffer-overflow in vips_stdif_generate

#503995698 Reporter: 87...@developer.gserviceaccount.com
$0
4/23/2026
Showing 331-340 of 10546 bugs