Disclosed Chromium Security Bugs

libplist:bplist_fuzzer: Heap-buffer-overflow in parse_bin_node_at_index

#467517003Reporter: 87...@developer.gserviceaccount.com
$0
2/12/2026

fluent-bit:flb-it-fuzz-cmetrics_decode_fuzz_OSSFUZZ: Heap-buffer-overflow in cmt_mpack_consume_uint_tag

#472785094Reporter: 87...@developer.gserviceaccount.com
$0
2/12/2026

DCHECK failure in HasOutputRegister(target) in maglev-graph-builder.h

#457880083Reporter: 24...@project.gserviceaccount.com
$0
2/12/2026

DCHECK failure in (checked_value()) == nullptr in maglev-known-node-aspects.h

#457657421Reporter: 24...@project.gserviceaccount.com
$0
2/12/2026

DCHECK failure in properties().can_eager_deopt() || properties().is_deopt_checkpoint() in maglev-i

#457690464Reporter: 24...@project.gserviceaccount.com
$0
2/12/2026

libdwarf:fuzz_set_frame_all: Heap-use-after-free in _dwarf_exec_frame_instr

#475563464Reporter: 87...@developer.gserviceaccount.com
$0
2/11/2026

Windows download logic flaw: % triggers double extension sanitization bypass (.lnk .lnk, .scf .scf)

#444803530Reporter: br...@gmail.com
$3,000
2/11/2026

the permission prompt is not in the correct position lead to spoofing

#379241460Reporter: sa...@gmail.com
$500
2/11/2026

race condition on pip window lead to spoof address bar

#367475557Reporter: sa...@gmail.com
$500
2/11/2026

Security: opens a new window at the same time as the previous window in fullscreen mode, (the window enters fullscreen mode which is closed by another new window) leads to spoof

#40074800Reporter: sa...@gmail.com
$1,000
2/11/2026
Showing 411-420 of 10084 bugs
1...414243...1009