Disclosed Chromium Security Bugs

tinyusb:cdc: Null-dereference READ in ubsan_GetStackTrace

#444622228Reporter: 87...@developer.gserviceaccount.com
$0
11/27/2025

tinyusb:msc: Crash in msc

#461325312Reporter: 87...@developer.gserviceaccount.com
$0
11/27/2025

V8: ArrayBuffer Use-after-Free in WebAssembly.Validate

#439772737Reporter: bi...@google.com
$0
11/27/2025

V8 Sandbox Bypass: In-sandbox corruption allows execution of arbitrary runtime functions / intrinsics

#439380004Reporter: se...@gmail.com
$20,000
11/27/2025

DCHECK failure in new_nodes_at_end_.empty() in maglev-reducer.h

#439970336Reporter: 24...@project.gserviceaccount.com
$0
11/27/2025

DCHECK failure in (builder_->current_block()) == nullptr in maglev-graph-builder.cc

#439945236Reporter: 24...@project.gserviceaccount.com
$0
11/27/2025

DCHECK failure in (current_block()) == nullptr in maglev-graph-builder.cc

#439970326Reporter: 24...@project.gserviceaccount.com
$0
11/27/2025

Vulnerability: Package sqlite affected by CVE-2025-6965 affecting GitOnBorg::chromium::chromium::src

#434161973Reporter: au...@google.com
$0
11/26/2025

Permission element inner div with style width: 150px;height: 150px;mask-image: url(circle-svgrepo-com.svg); can be abused if no element in the parent chain has any width: 150px;height: 150px;mask-image: url(circle-svgrepo-com.svg); are set

#437510229Reporter: sa...@gmail.com
$0
11/26/2025

DCHECK failure in (current_block()) == nullptr in maglev-graph-builder.cc

#439752700Reporter: 24...@project.gserviceaccount.com
$0
11/26/2025
Showing 341-350 of 9388 bugs
1...343536...939