Disclosed Chromium Security Bugs

DCHECK failure in HasOutputRegister(target) in maglev-graph-builder.h

#491880254Reporter: 24...@project.gserviceaccount.com
$0
6/25/2026

UAF in XNN reshape

#492450480Reporter: he...@gmail.com
$43,000
6/25/2026

DCHECK failure in visited.empty() && inputs.empty() in wasm-revec-reducer.h

#493290797Reporter: 24...@project.gserviceaccount.com
$0
6/25/2026

ogre:ogre_deep_fuzz: Heap-buffer-overflow in Ogre::MeshSerializerImpl::flipEndian

#526497611Reporter: 87...@developer.gserviceaccount.com
$0
6/24/2026

suricata:fuzz_decodepcapfile: Index-out-of-bounds in DecodeSCTP

#524393069Reporter: 87...@developer.gserviceaccount.com
$0
6/24/2026

assimp:assimp_fuzzer_amf: Bad-cast to AMFColor from AMFMetadata in Assimp::AMFImporter::SPP_Material::GetColor

#519360629Reporter: 87...@developer.gserviceaccount.com
$0
6/24/2026

libpg_query:fuzz_protobuf: Negative-size-param in pg_query_normalize_ext

#525090185Reporter: 87...@developer.gserviceaccount.com
$0
6/24/2026

libpg_query:fuzz_protobuf: Heap-buffer-overflow in dostr

#526519393Reporter: 87...@developer.gserviceaccount.com
$0
6/24/2026

ogre:ogre_deep_fuzz: Bad-cast to Ogre::HardwareBuffer from invalid vptr in Ogre::HardwareBuffer::unlockImpl

#526758819Reporter: 87...@developer.gserviceaccount.com
$0
6/24/2026

Heap buffer overflow (read) in skcms curve table lookup via crafted ICC profile

#492744328Reporter: ma...@gmail.com
$3,000
6/24/2026
Showing 441-450 of 11332 bugs