[kevincox]

Might want to reach out to a security researcher. It could be an exploitable bug.

[fulafel]

Safari also has a bug bounty program so this could be worth $$. At least on the Chrome blog WebGL bugs regularly net people bounties.

(Example: https://chromereleases.googleblog.com/2022/08/stable-channel... - the bountied ANGLE and SwiftShader bugs are WebGL. You don't need to craft exploits at least in Chrome's program, just demo crashes that look concerning)