Disclosed Chromium Security Bugs
←Back to DashboardOOB write in PDFium TIFF decoder via lossless JPEG data precision mismatch
$50,000
7/15/2026
Maglev: unsound node replacement when inlining can lead to exploitable write barrier omission
$55,000
7/10/2026
ANGLE BlitGL copySubTextureCPUReadback Controlled Heap Overflow via Unsynchronized PACK_ROW_LENGTH
$90,000
7/7/2026
ANGLE Metal Stale mFormat Cache causes GPU OOB WRITE
$77,000
7/1/2026
Use-After-Free in Dawn Wire Server Uncaptured-Error Callback via Incomplete Device Unregistration Cleanup
$70,000
6/27/2026
Heap buffer overflow in BufferMtl shadow copy sync during bufferData leads to GPU process memory corruption in macOS
$77,000
6/24/2026
Wasm Liftoff stack corruption on eager compilation + JS interop prototype setup optimization
$50,000
6/17/2026
Arbitrary Memory Read/Write via WebGLBuffer Created During Context Loss Combined with PBO Operations
$90,000
6/11/2026
Use-after-free in CreateNewWindow via SINGLETON_TAB disposition leads to sandbox escape
$90,000
6/5/2026
Incorrect Maglev assumption leading to SIGSEGV
$55,000
6/4/2026