Google patches fourth Chrome browser vulnerability in 2026
Google Fixes Fourth Chrome Zero-Day Exploited in Attacks in 2026
Google has released an emergency update to address a newly discovered Chrome zero-day vulnerability that has been exploited in the wild.
New Vulnerability Details
- The vulnerability, identified as CVE-2026-5281, stems from a use-after-free weakness in Dawn, the cross-platform implementation of the WebGPU standard used by the Chromium project.
- This flaw allows attackers to potentially trigger web browser crashes, data corruption, or rendering issues.
Exploitation in the Wild
- Google has confirmed that threat actors have been exploiting this zero-day flaw in the wild.
- The company has chosen not to disclose further details about these incidents, citing the need to protect affected users.
Patching and Updates
- The vulnerability affects users in the Stable Desktop channel.
- It has been addressed in new versions of Chrome, including Windows, macOS, and Linux variants.
- Users can update their browsers manually or allow Chrome to check for updates at the next launch and install them automatically.
According to a security advisory issued by Google, “This is the fourth actively exploited Chrome zero-day patched by Google in 2026, following previous vulnerabilities in the CSSFontFeatureValuesMap, Skia 2D graphics library, and V8 JavaScript and WebAssembly engine.”
Google’s rapid response to this vulnerability underscores the importance of staying up-to-date with the latest security patches to mitigate potential threats.
About Author
English