new file mode 100644
--- /dev/null
+++ b/editor/libeditor/crashtests/1402904.html
@@ -0,0 +1,31 @@
+<script>
+function jsfuzzer() {
+  var option = document.getElementById("option");
+  option.addEventListener("click", () => {
+    document.execCommand("forwardDelete", false);
+  });
+  var li2 = document.getElementById("li2");
+  li2.addEventListener("DOMNodeInserted", () => {
+    option.click();
+  });
+  var select = document.getElementById("select");
+  select.parentElement.setAttribute("onpageshow", "onPageShow()");
+}
+
+function onPageShow() {
+  var li1 = document.getElementById("li1");
+  li1.addEventListener("DOMSubtreeModified", () => {
+    document.execCommand("selectAll", false);
+    document.execCommand("indent", false);
+  });
+  li1.appendChild(document.createElement("legend"));
+}
+</script>
+<body onload=jsfuzzer()>
+<select id="select">
+<option id="option"></option>
+</select>
+<li id="li1"></li>
+<ul contenteditable="true">
+<li id="li2"></li>
+<embed>a;#2

new file mode 100644
--- /dev/null
+++ b/editor/libeditor/crashtests/1405747.html
@@ -0,0 +1,15 @@
+<script>
+function jsfuzzer() {
+try { htmlvar00017.addEventListener("DOMSubtreeModified", eventhandler5); } catch(e) { }
+try { htmlvar00017.align = ""; } catch(e) { }
+}
+function eventhandler5() {
+try { document.execCommand("selectAll", false); } catch(e) { }
+try { document.execCommand("justifyCenter", false); } catch(e) { }
+try { document.execCommand("forwardDelete", false); } catch(e) { }
+}
+</script>
+<body onload=jsfuzzer()>
+<table contenteditable="">
+<th id="htmlvar00017"></th>
+<colgroup>
\ No newline at end of file

--- a/editor/libeditor/crashtests/crashtests.list
+++ b/editor/libeditor/crashtests/crashtests.list
@@ -76,8 +76,10 @@ needs-focus load 1343918.html
 load 1345015.html
 load 1348851.html
 load 1350772.html
 load 1366176.html
 load 1375131.html
 load 1381541.html
 load 1383755.html
 load 1402469.html
+load 1402904.html
+load 1405747.html