Disclosed Chromium Security Bugs

DCHECK failure in NodeTypeIs(GetNodeType(broker, local_isolate, *this, input), NodeType::kContext)

#420740698Reporter: 24...@project.gserviceaccount.com
$0
9/5/2025

Bad-cast to int (void (*)(unsigned int, const char *, int, void *, void *, const char *), const long *) in ui::SetEGLDebugCallback

#420972292Reporter: 24...@project.gserviceaccount.com
$0
9/5/2025

DCHECK failure in num_temporaries_needed() == 0 in maglev-ir.h

#420516994Reporter: 24...@project.gserviceaccount.com
$0
9/5/2025

Split View mini toolbar shows incorrect URL despite different page content

#442860746Reporter: ch...@gmail.com
$0
9/4/2025

libucl:ucl_add_string_fuzzer: Heap-use-after-free in ucl_hash_search

#422814949Reporter: 87...@developer.gserviceaccount.com
$0
9/4/2025

[0-day] V8 sandbox bypass via Turbofan

#420637585Reporter: bs...@google.com
$0
9/4/2025

[0-day] Arbitrary read/write within the V8 sandbox via Turbofan

#420636529Reporter: bs...@google.com
$0
9/4/2025

V8 correctness failure in sources: 42

#420198866Reporter: 24...@project.gserviceaccount.com
$0
9/4/2025

Security: Race condition in AudioRendererImpl

#420150619Reporter: su...@gmail.com
$8,000
9/4/2025

Heap-use-after-free in ui::AXNode::ComputeFirstUnignoredChildRecursive

#419696309Reporter: 24...@project.gserviceaccount.com
$0
9/4/2025
Showing 761-770 of 9394 bugs
1...767778...940