Chromium drift tracker exposes how long browsers ship known-patched bugs
A new public tracker measures how far each major Chromium-based browser trails upstream Chromium. The premise is blunt: once a fix lands in Chromium’s open-source tree, the patch notes are a roadmap. Anyone running a downstream browser that hasn’t pulled the update is exposed to vulnerabilities whose exploitation path is already documented in public commits.
The drift problem isn’t theoretical. Browsers like Edge, Brave, Opera, Vivaldi, and Samsung Internet rebase on Chromium at their own cadence, and each release lag is a window where n-day exploits work against users who believe they’re current. The site lets users check their own browser’s version against the upstream baseline, turning an opaque vendor decision into a measurable gap.
The broader signal: downstream Chromium forks inherit Chrome’s security velocity only if they actually keep up. Marketing claims about privacy or features don’t close the patch gap, and the tracker makes the trade-off visible per browser.
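The version comparison described above, as an added example that is not the tracker's own code: it reads the Chromium version from a user-agent string and measures the gap to an upstream baseline. The function names, the sample user-agent strings and the baseline version are constructed assumptions; how the tracker itself computes drift is not stated here.

```javascript
// Added example. Version numbers and user-agent strings are constructed samples.

// Read the Chromium version a browser advertises in its user-agent string.
// Edge, Brave, Opera, Vivaldi and Samsung Internet all keep a Chrome/<version> token.
function chromiumVersion(ua) {
  const m = /\b(?:Chrome|Chromium)\/(\d+)\.(\d+)\.(\d+)\.(\d+)/.exec(ua);
  if (!m) return null;
  const [major, minor, build, patch] = m.slice(1).map(Number);
  // User-agent reduction reports MAJOR.0.0.0, which hides the build and patch level.
  return { major, build, patch, reduced: minor === 0 && build === 0 && patch === 0 };
}

// Compare one browser against the upstream baseline (hypothetical helper).
function drift(ua, baseline) {
  const v = chromiumVersion(ua);
  const b = chromiumVersion("Chrome/" + baseline);
  if (!b) throw new Error("baseline must look like MAJOR.MINOR.BUILD.PATCH");
  if (!v) return { status: "not-chromium" };
  const majorsBehind = b.major - v.major;
  if (majorsBehind > 0) return { status: "behind", majorsBehind };
  if (majorsBehind < 0) return { status: "ahead", majorsBehind };
  // Same major: fixes also ship in build/patch updates, so a reduced
  // user agent cannot prove the browser is current.
  if (v.reduced) return { status: "unknown-patch-level", majorsBehind: 0 };
  const behind = v.build < b.build || (v.build === b.build && v.patch < b.patch);
  return { status: behind ? "behind" : "current", majorsBehind: 0 };
}

const BASELINE = "130.0.6000.50"; // constructed, not a real upstream release
const SAMPLES = {
  twoMajorsBehind: "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6000.10 Safari/537.36 Edg/128.0.2000.1",
  reducedSameMajor: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36",
  patchBehind: "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/26.0 Chrome/130.0.6000.20 Mobile Safari/537.36",
  nonChromium: "Mozilla/5.0 (X11; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0",
};

// Status per sample, e.g. for a fleet inventory built from proxy or web logs.
function report() {
  return Object.fromEntries(
    Object.entries(SAMPLES).map(([name, ua]) => [name, drift(ua, BASELINE).status])
  );
}

console.log(report());
```

In a live Chromium-based browser, `navigator.userAgentData.getHighEntropyValues(["fullVersionList"])` returns the full version that the reduced user-agent string hides.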
This is an AI-generated summary.