Disclosed Chromium Security Bugs

Potential Browser Process UAF in PermissionRequestHandler::CancelRequestInternal

#500032538Reporter: vm...@google.com
$0
7/16/2026

Potential OOB write in GPU process via unvalidated H.264 first_mb_in_slice in VA-API

#500028989Reporter: vm...@google.com
$0
7/16/2026

Potential Use-After-Free in AwPacProcessor via NetworkCallback Race Condition

#499238195Reporter: vm...@google.com
$0
7/16/2026

Potential Sandbox Escape via Path Traversal with trailing whitespace on Windows

#498887785Reporter: vm...@google.com
$0
7/16/2026

Potential cross-thread destruction of cppgc::Persistent in RTCPeerConnectionHandler leads to UAF

#498845284Reporter: vm...@google.com
$0
7/16/2026

Extension Sandbox CSP bypass via form-feed parser differential

#498808432Reporter: vm...@google.com
$0
7/16/2026

Potential Use-After-Free in ANGLE Vulkan ContextVk::mImagesWithTileMemory

#498371085Reporter: vm...@google.com
$0
7/16/2026

Frame Tree Desynchronization via moveBefore() Synchronous Blur

#497964917Reporter: vm...@google.com
$0
7/16/2026

Potential UXSS on Android via javascript: URL injection in Tab Group Sync

#497934980Reporter: vm...@google.com
$0
7/16/2026

CSP and LNA bypass via dropped keep-alive handle in deferred popup navigations

#497595264Reporter: vm...@google.com
$0
7/16/2026
Showing 51-60 of 11332 bugs
1...567...1134