Disclosed Chromium Security Bugs

DCHECK failure in kCanBeWeak || (!IsSmi() == HAS_STRONG_HEAP_OBJECT_TAG(ptr_)) in tagged-impl.h

#447004458Reporter: 24...@project.gserviceaccount.com
$0
1/2/2026

checkstyle:CheckstyleFuzzer: Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr

#472084712Reporter: 87...@developer.gserviceaccount.com
$0
1/1/2026

libssh:ssh_bind_config_fuzzer_nalloc: Heap-double-free in local_parse_glob

#449017557Reporter: 87...@developer.gserviceaccount.com
$0
1/1/2026

V8 Sandbox Bypass: WasmCPT handle UAF by import dispatch table growth

#446113730Reporter: se...@gmail.com
$20,000
1/1/2026

Heap-use-after-free in ui::AcceleratorManager::Process

#446986774Reporter: 24...@project.gserviceaccount.com
$0
1/1/2026

Heap-use-after-free in ui::AcceleratorManager::Process

#446962939Reporter: 24...@project.gserviceaccount.com
$0
1/1/2026

Crash in v8::internal::compiler::ObjectData::IsBigInt

#446735537Reporter: 24...@project.gserviceaccount.com
$0
1/1/2026

Crash in v8::internal::Map::instance_type

#446725502Reporter: 24...@project.gserviceaccount.com
$0
1/1/2026

Crash in v8::internal::compiler::ObjectData::IsContext

#446944035Reporter: 24...@project.gserviceaccount.com
$0
1/1/2026

Crash in v8::internal::compiler::JSNativeContextSpecialization::InferRootMap

#446730213Reporter: 24...@project.gserviceaccount.com
$0
1/1/2026
Showing 421-430 of 9745 bugs
1...424344...975