CVE-2026-5281: Google Dawn Use-After-Free Vulnerability

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-5281CVSS 8.8CISA KEVKnown Exploited

CVE-2026-5281: Google Dawn Use-After-Free Vulnerability

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

CVSS
8.8 HIGH
EPSS
91.23%
Known exploited
yes
Product
Dawn

What is known

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Sources