CVE-2026-5281

HIGH

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

CVSS v3.1 Score

8.8
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Published: 4/1/2026Modified: 4/2/2026

Related Intelligence (3)

CRITICALZero Day

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Google has announced fixes for CVE-2026-5281, a zero-day affecting Chrome’s Dawn component. The post Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome appeared first on SecurityWeek .

CVE-2026-5281
SecurityWeek
CRITICALZero Day

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerability, CVE-2026-5281 (CVSS score: N/A), concerns a use-after-free bug in Dawn, an open-source and cross-platform implementation of the WebGPU standard. "Use-after-free in Dawn in Google Chrome prior

CVE-2026-5281
The Hacker News
HIGHVulnerability

CISA KEV: Google Dawn — Google Dawn Use-After-Free Vulnerability

Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

CVE-2026-5281Google Dawn
CISA KEV

References (3)

https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.htmlVendor Advisoryhttps://issues.chromium.org/issues/491518608Issue TrackingPermissions Requiredhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-5281US Government Resource