Disclosed Chromium Security Bugs

clickjacking (enterjacking) download notification when a window.alert() is closed

#405727341Reporter: sa...@gmail.com
$3,000
1/23/2026

V8 Sandbox Bypass: AAW/PC control via OOB builtin in SharedFunctionInfo

#451355210Reporter: kr...@gmail.com
$20,000
1/23/2026

Vulnerability: CVE-2019-8341 affecting GitOnBorg::chromium::chromium::src

#440001496Reporter: au...@google.com
$0
1/23/2026

WebAuthn passkey API allows popunder bypass

#41487070Reporter: kv...@gmail.com
$0
1/23/2026

ffmpeg:ffmpeg_dem_IAMF_fuzzer: Heap-buffer-overflow in parse_coupled_substream

#472346778Reporter: 87...@developer.gserviceaccount.com
$0
1/22/2026

harfbuzz:hb-subset-fuzzer: Heap-use-after-free in graph::LigatureSubstFormat1::shrink

#475607265Reporter: 87...@developer.gserviceaccount.com
$0
1/22/2026

poppler:annot_fuzzer: Heap-use-after-free in g_type_check_instance_is_fundamentally_a

#476973662Reporter: 87...@developer.gserviceaccount.com
$0
1/22/2026

TDZ check elision leading to hole leak

#450618029Reporter: ry...@gmail.com
$50,000
1/22/2026

LPE - Arbitrary File Write in Google Chrome Enterprise (MacOS): The GoogleUpdater, which is executed by root, follows symlinks when writing the file settings.dat in the user folder

#448113221Reporter: jo...@gmail.com
$3,000
1/22/2026

Signature check for fast API calls too loose - [was: DCHECK failure in BelongsToThisGraph(i) in graph.h]

#450652935Reporter: 24...@project.gserviceaccount.com
$0
1/22/2026
Showing 591-600 of 10097 bugs
1...596061...1010