Disclosed Chromium Security Bugs

Use-after-poison in base::MemoryConsumer::UpdateMemoryLimit

#467474391Reporter: m....@gmail.com
$9,000
3/20/2026

Use-After-Poison in RouteMap::UpdateActiveRoutes

#467297219Reporter: an...@gmail.com
$8,000
3/19/2026

Maglev's handling of target and new.target is incorrect

#467247247Reporter: hu...@gmail.com
$50,000
3/19/2026

v8 incorrect Integer Overflow Elimination leads to potential OOB R/W

#466786677Reporter: fa...@gmail.com
$7,000
3/18/2026

V8: OOB memmove in FixedArray::MoveElements triggered via Array.shift leads to negative-size copy

#464459404Reporter: am...@gmail.com
$5,000
3/12/2026

V8 Sandbox Bypass: AAW/PC control via dispatch entry UAF during InstantiateAsmJs by hijacking start

#462217236Reporter: kr...@gmail.com
$20,000
3/12/2026

Dcheck failure in fixed-array-inl.h

#458914193Reporter: p1...@gmail.com
$8,000
3/10/2026

[bugSWAT] GPU process crash via WebGPU shader - wild-deref in Mesa aco::combine_instruction

#448294721Reporter: a7...@gmail.com
$10,000
3/10/2026

Extensions can hijack Gemini in the browser webview process to perform PE attacks by abusing DNR permissions, allowing stealing prompts, PII leakage, unrestricted access to camera-microphone and more

#463155954Reporter: we...@gmail.com
$7,000
3/4/2026

Security: SEGV_ACCERR 000044332211 in V8

#460678755Reporter: je...@gmail.com
$8,000
2/25/2026
Showing 1-10 of 951 bugs
1234...96