Google Patching Zero-Day Exploit CVE-2026-5281 in Chrome Browser
Chrome Zero-Day Exploit Fixed, Users Advised to Update
Google has released patches to address 21 vulnerabilities in its Chrome browser, including a zero-day exploit (CVE-2026-5281) that has been observed in the wild.
According to the Google advisory, “The vulnerability, discovered in the Dawn component of the browser, allows a remote attacker to execute arbitrary code via a crafted HTML page.”
Affected Versions
The affected Chrome versions prior to v146.0.7680.177/178 for Windows/Mac and before v146.0.7680.177 for Linux.
Patch Availability
- A pseudonymous bug hunter had flagged the issue, which was previously addressed in the March 23, 2026, update.
- The bug hunter had reported three use-after-free vulnerabilities in Dawn, including CVE-2026-5281, CVE-2026-4675, and CVE-2026-4676.
Action Required
Related Developments
- Chromium-based browsers such as Vivaldi have already rolled out fixes.
- Microsoft is working on releasing a patch for its Edge browser.
- This development comes after Google announced plans to shift to a bi-weekly release cycle for both the beta and stable versions of Chrome, starting in September 2026.
About Author
English