Disclosed Chromium Security Bugs

c-blosc2:decompress_frame_fuzzer: Use-of-uninitialized-value in get_coffset

#494958474Reporter: 87...@developer.gserviceaccount.com
$0
4/23/2026

skcms:iccprofile_transform: Heap-buffer-overflow in skcms_private::baseline::clut

#504261818Reporter: 87...@developer.gserviceaccount.com
$0
4/23/2026

freetype2:truetype-render-i35: Heap-buffer-overflow in TT_RunIns

#499455833Reporter: 87...@developer.gserviceaccount.com
$0
4/23/2026

libvips:vips_fuzzer: Heap-buffer-overflow in vips_bandjoin_const_buffer

#500174822Reporter: 87...@developer.gserviceaccount.com
$0
4/23/2026

thrift-java:RoundtripCompactFuzzer: Security exception in org.apache.thrift.protocol.TProtocolUtil.skip

#478126022Reporter: 87...@developer.gserviceaccount.com
$0
4/23/2026

DCHECK failure in store_mode != StoreTaggedMode::kInitializing implies !value->is_conversion() in

#475582643Reporter: 24...@project.gserviceaccount.com
$0
4/23/2026

Third party installed extensions can silently increase permissions on update

#435980394Reporter: po...@gmail.com
$2,000
4/23/2026

TrustedPointerPublishingScope leaves a race condition gap

#393402168Reporter: jk...@chromium.org
$0
4/23/2026

DCHECK failure in context->Is() || context->Is() || context->Is

#475276567Reporter: 24...@project.gserviceaccount.com
$0
4/23/2026

wasmtime:wast_tests: Crash in ::call_unchecked_raw::<

#504268343Reporter: 87...@developer.gserviceaccount.com
$0
4/22/2026
Showing 341-350 of 10546 bugs
1...343536...1055