Disclosed Chromium Security Bugs
←Back to DashboardUse-After-Free in DCOMPSurfaceRegistry due to data race on unsynchronized flat_map access in GPU Process
$11,000
7/17/2026
Integer overflow in ruy pack kernel offset leads to heap OOB write in the GPU process via WebNN quantized Gemm
$11,000
7/16/2026
Integer overflow in ruy SumsBytes leads to heap OOB write in the GPU process via WebNN quantized Gemm
$11,000
7/16/2026
REFILE: Browser-Process UAF in FileSystemAccessChangeSource::DidInitialize (Reliability-Improved PoC)
$10,000
7/15/2026
OOB Write in V8 TryMatchLoadStoreShift on Mac arm64 (OOB read on non-Mac arm64)
$11,000
7/15/2026
OOB write in PDFium TIFF decoder via lossless JPEG data precision mismatch
$50,000
7/15/2026
ANGLE Metal Shadow Buffer Stale Size causes GPU OOB WRITE
$18,000
7/10/2026
Maglev: unsound node replacement when inlining can lead to exploitable write barrier omission
$55,000
7/10/2026
UAF in Metal LibraryCache
$16,000
7/10/2026
Integer overflow in TFLite StridedSlice output dimension computation leads to heap buffer overflow in the GPU process
$43,000
7/9/2026