CVE-2026-5281 is a high-severity use-after-free vulnerability in Google Chrome's Dawn component that allows remote code execution (RCE). It affects versions prior to 146.0.7680.178.

| Product | Version Start | Version End (excl.) | Status |
|---|---|---|---|
| chrome | * | 146.0.7680.177 | vulnerable |
| macos | - | - | unaffected |
| linux_kernel | - | - | unaffected |
| windows | - | - | unaffected |

Update Google Chrome to version 146.0.7680.178 or higher immediately to address the use-after-free flaw in the Dawn component.
Verify that all desktop installations across Windows, macOS, and Linux are running a version later than 146.0.7680.177 to ensure the patch is applied.
Implement robust browser sandboxing and consider web filtering to block access to known malicious domains that may host exploit code targeting the renderer process.
Track frequent or unexplained crashes of the Chrome renderer process and monitor for unusual child processes or unauthorized file system modifications originating from the browser.
Detection should focus on identifying anomalous behavior within the Chrome renderer process. Look for repeated crashes in the Dawn/WebGPU modules or unexpected memory access patterns. Security teams should monitor EDR logs for Chrome processes spawning shells or executing suspicious commands. Additionally, inspect network traffic for connections to suspicious external IPs following a browser crash, which may indicate a successful stage-two payload delivery.
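
The process-lineage and crash-frequency checks described above can be prototyped as follows. This is an added example, not code from the advisory or from any EDR product; the JSON event schema, field names, host names, module values and crash threshold are assumptions constructed for illustration.

```python
import json
from collections import Counter
from pathlib import PureWindowsPath

# Assumed event schema (constructed; not a real EDR export format).
BROWSER = {"chrome.exe", "chrome", "google chrome"}
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe", "sh", "bash", "zsh"}
CRASH_MODULES = ("dawn", "webgpu")  # substrings matched in the crashing module
CRASH_THRESHOLD = 3  # assumed: crashes per host per batch before alerting

# Constructed sample events, one JSON object per line.
SAMPLE_EVENTS = r"""
{"host": "wks-01", "type": "process", "parent": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "image": "C:\\Windows\\System32\\cmd.exe"}
{"host": "wks-01", "type": "process", "parent": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"}
{"host": "wks-02", "type": "process", "parent": "C:\\Windows\\explorer.exe", "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"}
{"host": "lin-05", "type": "process", "parent": "/opt/google/chrome/chrome", "image": "/bin/bash"}
{"host": "wks-03", "type": "crash", "image": "chrome.exe", "module": "dawn"}
{"host": "wks-03", "type": "crash", "image": "chrome.exe", "module": "webgpu"}
{"host": "wks-03", "type": "crash", "image": "chrome.exe", "module": "dawn"}
{"host": "wks-04", "type": "crash", "image": "chrome.exe", "module": "v8"}
"""

def basename(path):
    # PureWindowsPath splits on both "\" and "/", so one helper covers all OSes.
    return PureWindowsPath(path).name.lower()

def detect(lines):
    """Return (host, rule, detail) alerts for one batch of JSON-line events."""
    alerts, crashes = [], Counter()
    for line in filter(None, map(str.strip, lines)):
        ev = json.loads(line)
        image = basename(ev["image"])
        if ev["type"] == "process":
            # Chrome routinely spawns chrome children; a shell is not one of them.
            if basename(ev["parent"]) in BROWSER and image in SHELLS:
                alerts.append((ev["host"], "browser_spawned_shell", image))
        elif ev["type"] == "crash" and image in BROWSER:
            module = ev.get("module", "").lower()
            if any(m in module for m in CRASH_MODULES):
                crashes[ev["host"]] += 1
    for host, count in sorted(crashes.items()):
        if count >= CRASH_THRESHOLD:
            alerts.append((host, "repeated_dawn_webgpu_crashes", count))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS.splitlines()):
        print(alert)
```

A single crash or a shell launched from a non-browser parent produces no alert, which keeps the rule focused on the two behaviors named above.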