Disclosed Chromium Security Bugs

checkstyle:CheckstyleFuzzer: Security exception in com.puppycrawl.tools.checkstyle.JavaAstVisitor.getInnerBopAst

#472247330Reporter: 87...@developer.gserviceaccount.com
$0
12/31/2025

Wasm type confusion due to custom descriptors spec ambiguity in `ref.get_desc` exactness typing

#446124893Reporter: se...@gmail.com
$55,000
12/31/2025

Wasm type confusion due to missing exactness check on JS-Wasm boundary

#446124892Reporter: se...@gmail.com
$55,000
12/31/2025

Wasm type confusion due to wrong reachability analysis in `WasmGCTypeAnalyzer::ProcessBranchOnTarget()` with custom descriptor casts

#446122633Reporter: se...@gmail.com
$55,000
12/31/2025

Wasm type confusion due to custom descriptors spec unsoundness on `ref.func` exact typing

#446113731Reporter: se...@gmail.com
$55,000
12/31/2025

Wasm type confusion due to spec unsoundness in `cast_desc` operations

#446113732Reporter: se...@gmail.com
$55,000
12/31/2025

Crash in v8::internal::ObjectStatsCollectorImpl::CollectStatistics

#446778618Reporter: 24...@project.gserviceaccount.com
$0
12/31/2025

Crash with empty stacktrace

#446239322Reporter: 24...@project.gserviceaccount.com
$0
12/31/2025

Crash in v8::internal::ObjectStatsCollectorImpl::RecordVirtualObjectsForConstantPoolOrEmb

#446261252Reporter: 24...@project.gserviceaccount.com
$0
12/31/2025

Crash in v8::internal::Map::instance_size_in_words

#446057766Reporter: 24...@project.gserviceaccount.com
$0
12/31/2025
Showing 791-800 of 10158 bugs
1...798081...1016