CVE-2026-5281: Google Dawn Use-After-Free Vulnerability. Google Dawn
Google Dawn Use-After-Free Vulnerability. Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
- CISA KEV-listed (remediation due 2026-04-15)
- EPSS 0.9% (76.4% percentile)