Disclosed Chromium Security Bugs

ogre:ogre_deep_fuzz: Crash in Ogre::MemoryDataStream::read

#497803791Reporter: 87...@developer.gserviceaccount.com
$0
4/18/2026

matio:matio_fuzzer: Use-of-uninitialized-value in H5S_select_hyperslab

#502905691Reporter: 87...@developer.gserviceaccount.com
$0
4/18/2026

V8 sandbox bypass: arbitrary bytecode execution with replaced bytecode array in lazy deoptimization throw

#469878492Reporter: pv...@gmail.com
$20,000
4/18/2026

UAF Vulnerability in TrustedSpace Due To Turboshaft's Optimization of TrustedPointers in WebAssembly

#471363817Reporter: hu...@gmail.com
$10,000
4/18/2026

CHECK failure: IsJSReceiver(*object) in json-stringifier.cc

#471610992Reporter: 24...@project.gserviceaccount.com
$0
4/18/2026

CHECK failure: scope_info.scope_type() != ScopeType::SCRIPT_SCOPE in maglev-graph-builder.cc

#469979150Reporter: 24...@project.gserviceaccount.com
$0
4/18/2026

WebGLOnWebGPU: draw allowed with invalid vertex / index buffer state

#472376568Reporter: le...@gmail.com
$8,000
4/17/2026

libGLES_mali UAF via WebGPU shaders at llvm::BasicBlock::getTerminator

#442273697Reporter: a7...@gmail.com
$25,000
4/17/2026

Intersection Observer v2 API fails to correctly determine target's visibility for dynamically changed z-indexes, enabling clickjacking against Google One Tap

#422531206Reporter: he...@gmail.com
$5,000
4/17/2026

V8 Sandbox Bypass: Memory corruption during StringToBigInt conversion

#474041332Reporter: sa...@google.com
$0
4/17/2026
Showing 591-600 of 10746 bugs
1...596061...1075