Disclosed Chromium Security Bugs

libreoffice:sftfuzzer: Heap-buffer-overflow in vcl::ConvertCFFfontToType1

#533311278Reporter: 87...@developer.gserviceaccount.com
$0
7/16/2026

lua:luaL_loadstring_test: Heap-use-after-free in insertkey

#508107730Reporter: 87...@developer.gserviceaccount.com
$0
7/16/2026

selinux:checkpolicy-fuzzer: Use-of-uninitialized-value in hashtab_map

#508092982Reporter: 87...@developer.gserviceaccount.com
$0
7/16/2026

Permission escalation from write-only to read via stale downgraded_read_paths

#499078161Reporter: vm...@google.com
$0
7/16/2026

Potential Use-After-Unmap info leak in SocketDataPump due to flawed idle check

#497989379Reporter: vm...@google.com
$0
7/16/2026

Use-After-Free in WebSocketSpdyStreamAdapter via sequence evaluation reentrancy

#499194333Reporter: vm...@google.com
$0
7/16/2026

LNA and Fetch Metadata bypass via LinkPreview navigation

#497336872Reporter: vm...@google.com
$0
7/16/2026

Single-quote JS injection in HeadlessCommandHandler grants browser-level CDP access

#500124367Reporter: vm...@google.com
$0
7/16/2026

SourceBufferStream::FreeBuffers Dangling Iterator UAF Read/Write

#500387779Reporter: qw...@gmail.com
$0
7/16/2026

Cross-Origin Privacy Leak in FedCM Ambient UI via IDP Mismatch

#499366545Reporter: rj...@google.com
$0
7/16/2026
Showing 31-40 of 11332 bugs
1...345...1134