Google released Chrome updates to fix 21 vulnerabilities, including CVE-2026-5281, a high-severity zero-day that was exploited in the wild. The flaw is a use-after-free bug in Dawn, Chromium's open-source implementation of the WebGPU standard, and affects Chrome versions prior to 146.0.7680.177/178 on Windows and macOS and prior to 146.0.7680.177 on Linux. Google said the bug could lead to arbitrary code execution if an attacker had already compromised the renderer process and then used a crafted HTML page.
Google withheld detailed information about the attacks, saying access to specifics may remain restricted until more users have updated. The vulnerability was reported by the pseudonymous researcher 86ac1f1587b71893ed2ad792cd7dde32, who has also disclosed other Chrome flaws, and it marks the fourth actively exploited Chrome zero-day patched by Google this year after CVE-2026-3909, CVE-2026-3910, and CVE-2026-2441. Vivaldi had already shipped a fix, while Microsoft Edge was still preparing its corresponding update at the time of reporting.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
3 events from the most recent confirmed update back to the earliest known activity.
CISA added the actively exploited Chrome/WebGPU flaw CVE-2026-5281 to its Known Exploited Vulnerabilities catalog after Google's disclosure. The agency ordered Federal Civilian Executive Branch agencies to remediate the issue by 2026-04-15 under Binding Operational Directive 22-01.
By the time of reporting, Vivaldi had already released a browser update to address CVE-2026-5281 in its Chromium-based product. Microsoft Edge was still preparing its corresponding update.
Google released Chrome security updates addressing 21 vulnerabilities, including CVE-2026-5281, a high-severity use-after-free flaw in Dawn that had been exploited in the wild. The fixes updated Chrome to 146.0.7680.177/178 on Windows and macOS and 146.0.7680.177 on Linux, with Google withholding detailed exploitation information.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
13 references tracked. Mallory keeps watching after this page renders.
github.com
Open sourcegithub.com
Open sourcescworld.com
Open sourcecybersecuritynews.com
Open sourcehelpnetsecurity.com
Open sourcegithub.com
Open sourcedarkwebinformer.com
Open sourcecvereports.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.