Disclosed Chromium Security Bugs

WebGLOnWebGPU: draw allowed with invalid vertex / index buffer state

#472376568Reporter: le...@gmail.com
$8,000
4/17/2026

libGLES_mali UAF via WebGPU shaders at llvm::BasicBlock::getTerminator

#442273697Reporter: a7...@gmail.com
$25,000
4/17/2026

Intersection Observer v2 API fails to correctly determine target's visibility for dynamically changed z-indexes, enabling clickjacking against Google One Tap

#422531206Reporter: he...@gmail.com
$5,000
4/17/2026

V8 Sandbox Bypass: Memory corruption during StringToBigInt conversion

#474041332Reporter: sa...@google.com
$0
4/17/2026

Vulnerability: CVE-2025-66570: cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*) affecting GitOnBorg::chromium::crashpad::crashpad

#467216600Reporter: au...@google.com
$0
4/17/2026

cctest/test-api/Threading8 starts flaking

#472656266Reporter: ma...@google.com
$0
4/17/2026

Crash in Maglev due to Stale ScopeInfo Cache with Async Generators

#470831166Reporter: hu...@gmail.com
$10,000
4/17/2026

CSA_DCHECK failed: IsNotCleared(value)

#471580187Reporter: je...@gmail.com
$8,000
4/17/2026

CHECK failure: OldGenerationAllocationLimitConsumedBytes() <= old_generation_allocation_limit()

#474211148Reporter: 24...@project.gserviceaccount.com
$0
4/17/2026

CHECK failure: scope_info.scope_type() != ScopeType::SCRIPT_SCOPE

#472865261Reporter: 24...@project.gserviceaccount.com
$0
4/17/2026
Showing 1-10 of 10084 bugs
1234...1009