THREAT OPS › CVEs › CVE-2026-5281
CVE-2026-5281 — Google Dawn Use-After-Free Vulnerability
Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Vulnerability details
- Affected productsDawn
- KEV remediation due2026-04-15
Exploiting threat actors
- Earth LuscaG1006
Related reporting
- The April 2026 Security Update Reviewzdi_blog
- April 2026 CVE Landscaperecordedfuture