Disclosed Chromium Security Bugs

IR: Evaluate backporting user error in substitute overrides

#407368915Reporter: pe...@google.com
$0
7/12/2025

sqlite3_lpm_fuzzer: Heap-use-after-free in renameTokenCheckAll

#408243082Reporter: 24...@project.gserviceaccount.com
$0
7/12/2025

DCHECK failure in Available() < size_in_bytes in new-spaces.cc

#408042977Reporter: 24...@project.gserviceaccount.com
$0
7/12/2025

wolfssl:fuzzer-wolfssl-client: Use-of-uninitialized-value in DoProcessReplyEx

#410114673Reporter: 87...@developer.gserviceaccount.com
$0
7/11/2025

Security: Capture Autofill Data using showPicker Spoofing

#41493771Reporter: fa...@gmail.com
$1,000
7/11/2025

Drag and Drop Can Navigate to File and Chrome URIs Without Restriction

#342579972Reporter: fa...@gmail.com
$500
7/11/2025

Improper Error Handling in LateLoadElimination for String Map in Turboshaft Leads to RCE

#403211343Reporter: hu...@gmail.com
$50,000
7/11/2025

V8 Sandbox Bypass: SP/PC control via Wasm JSPI central stack top confusion

#404285918Reporter: se...@gmail.com
$20,000
7/11/2025

Avoid GetHeapFromWritableObject and friends

#396607238Reporter: cl...@chromium.org
$0
7/11/2025

checkstyle:CheckstyleFuzzer: Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

#429489019Reporter: 87...@developer.gserviceaccount.com
$0
7/10/2025
Showing 421-430 of 8577 bugs
1...424344...858