Disclosed Chromium Security Bugs

GPU process crash via WebGPU shader - global-buffer-overflow in Mesa lower_mem_store

#425271170Reporter: a7...@gmail.com
$1,000
10/3/2025

V8 Sandbox Bypass: OOB write in JsonParser due to dangling GC callback

#425121216Reporter: vs...@gmail.com
$1,000
10/3/2025

Security: Side-channel attack allows accessing the browsing history

#40064616Reporter: is...@oy.ne.ro
$1,000
10/3/2025

Chrome on IOS ignores Content-Type header (and nosniff) when rendering XHTML content

#335611025Reporter: jo...@gmail.com
$1,000
10/3/2025

Save As file dialog steal focus behind the PictureinPictureAPI save malicious file at arbitrary path

#384050903Reporter: pu...@gmail.com
$1,000
10/2/2025

GPU process crash via WebGPU shader - wild-deref in Mesa try_opt_exclusive_scan_to_inclusive

#425390965Reporter: a7...@gmail.com
$10,000
10/1/2025

[Security] Tapjacking on payment request dialog using window alert

#361611809Reporter: sa...@gmail.com
$1,000
9/27/2025

V8 Sandbox Bypass: UB V8HeapExplorer::GetSystemEntryName leads to OOB write

#425122187Reporter: vs...@gmail.com
$1,000
9/25/2025

GPU process crash via WebGPU shader - heap-buffer-overflow in Mesa anv_nir_compute_push_layout

#421399969Reporter: a7...@gmail.com
$10,000
9/23/2025

Security: DevTools XSS allows sandbox escape, UXSS, CDP access, other impacts

#402791076Reporter: al...@alesandroortiz.com
$4,000
9/20/2025
Showing 1-10 of 1534 bugs
1234...154