Disclosed Chromium Security Bugs

Browser-process Use-After-Free in cc::RTree via unbounded Paint Preview LinkData

#496205576Reporter: vm...@google.com
$0
7/3/2026

CHECK failure: scope_info->HasOuterScopeInfo()

#496356219Reporter: 24...@project.gserviceaccount.com
$0
7/3/2026

DCHECK failure in opt_scope_info.has_value() in maglev-graph-builder.h

#496272034Reporter: 24...@project.gserviceaccount.com
$0
7/3/2026

CHECK failure: (data_) != nullptr

#496510258Reporter: 24...@project.gserviceaccount.com
$0
7/3/2026

Potential bypass of user gesture requirement for Top-Level Storage Access API auto-grants

#496200059Reporter: vm...@google.com
$0
7/3/2026

Potential Use-After-Free in HWNDMessageHandler::Activate via synchronous ShowWindow

#495981317Reporter: vm...@google.com
$0
7/3/2026

V8 Sandbox Bypass: UaF via UncompiledData::job_

#489391127Reporter: wh...@google.com
$0
7/3/2026

Segv on unknown address in Builtins_JumpIfToBooleanTrueHandler

#492687364Reporter: 24...@project.gserviceaccount.com
$0
7/3/2026

libredwg:llvmfuzz: Heap-double-free in dxf_blocks_read

#529581210Reporter: 87...@developer.gserviceaccount.com
$0
7/2/2026

libjxl:djxl_fuzzer: Use-of-uninitialized-value in jxl::N_SSE2::StrengthEvalLut::operator

#502286057Reporter: 87...@developer.gserviceaccount.com
$0
7/2/2026
Showing 331-340 of 11332 bugs