THREATOPS
THREAT OPSCVEs › CVE-2026-5281

CVE-2026-5281 — Google Dawn Use-After-Free Vulnerability

CISA KEVExploited: confirmedGoogle

Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Vulnerability details

Exploiting threat actors

Related reporting