Disclosed Chromium Security Bugs

libarchive:libarchive_fuzzer: Heap-buffer-overflow in aes_ctr_update

#524141478Reporter: 87...@developer.gserviceaccount.com
$0
6/25/2026

libredwg:llvmfuzz: Index-out-of-bounds in dwg_encode

#524832524Reporter: 87...@developer.gserviceaccount.com
$0
6/25/2026

libredwg:llvmfuzz: Heap-buffer-overflow in dwg_encode_add_object

#526016910Reporter: 87...@developer.gserviceaccount.com
$0
6/25/2026

Use-after-free in AudioRendererMixerInput via setSinkId/createMediaElementSource race

#492218537Reporter: je...@gmail.com
$4,000
6/25/2026

V8 Sandbox Bypass: IC Store ElementsKind TOCTOU: OOB Write Outside V8 Sandbox

#492561170Reporter: pe...@gmail.com
$5,000
6/25/2026

V8 Sandbox Bypass: AAW/PC Control via major GC between codegen and Code object creation

#489633232Reporter: kr...@gmail.com
$20,000
6/25/2026

Out-of-bounds heap read in VP9 encoder via WebCodecs VideoEncoder dimension reconfiguration

#487259772Reporter: ca...@gmail.com
$2,000
6/25/2026

OOB Write in the ruy::KernelFloatNeon (GPU process)

#492450478Reporter: he...@gmail.com
$43,000
6/25/2026

Iterator Invalidation in LayoutSubtreeRootList During Container Query Interleaved Style Recalc Leads to Use-After-Free

#491994185Reporter: je...@gmail.com
$11,000
6/25/2026

Heap UAF write in libyuv Convert8To16Row_Any_AVX2 via crafted raw VideoFrame input

#491515787Reporter: sh...@gmail.com
$7,000
6/25/2026
Showing 431-440 of 11332 bugs