Google Releases Exploit Code for Unpatched Chromium Vulnerability Affecting Millions

Google published working exploit code for a critical Chromium security vulnerability that was reported nearly 29 months ago but remains unfixed, potentially exposing millions of users to active attacks. The premature disclosure of the exploit code before a patch is available has raised concerns about the responsible disclosure process and the extended timeline for fixing the flaw.

Why it matters: This incident highlights critical gaps in vulnerability disclosure practices and patch timing that directly impact the security posture of billions of Chromium-based browser users worldwide.