CVE-2026-5281

HIGH KEV

Google Chrome < 146.0.7680.178 - Use-After-Free in Dawn

Exploitation Summary

CVE-2026-5281 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added April 1, 2026. EIP tracks 4 public exploits from researchers including Hex0rc1st, TheMalwareGuardian, anansi2safe.

Description

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Exploits (4)

nomisec · WORKING POC · 1 star
by TheMalwareGuardian · poc
https://github.com/TheMalwareGuardian/CVE-2026-5281

The repository contains a functional PoC for CVE-2026-5281, a Chrome Dawn WebGPU Use-After-Free vulnerability. It includes a version detector, vulnerability checker, and UAF trigger, demonstrating the exploit chain with detailed technical implementation.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Google Chrome < 146.0.7680.178
No auth needed
Prerequisites: Chrome browser with WebGPU enabled · Vulnerable Chrome version (< 146.0.7680.178)
devstral-2 · analyzed Apr 08, 2026

github · WORKING POC
by anansi2safe · htmldos
https://github.com/anansi2safe/CVE-2026-5281

This repository contains a functional exploit PoC for CVE-2026-5281, a use-after-free vulnerability in Chrome's WebGPU implementation. The exploit leverages improper cleanup of device callbacks in the Dawn wire server, leading to memory corruption when callbacks reference freed memory.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Chrome with WebGPU enabled
No auth needed
Prerequisites: WebGPU enabled in Chrome · Access to a vulnerable Chrome instance
devstral-2 · analyzed May 22, 2026

nomisec · WORKING POC
by umair-aziz025 · client-side
https://github.com/umair-aziz025/CVE-2026-5281-Research-Toolkit

This repository contains a functional exploit PoC for CVE-2026-5281, a WebGPU Use-After-Free (UAF) vulnerability in Chrome's Dawn backend. The exploit leverages buffer lifecycle mismanagement to trigger a UAF condition, leading to DoS or potential RCE.

Classification: Working PoC 95%
Attack Type: DoS | RCE
Complexity: Complex
Reliability: Reliable
Target: Google Chrome < 146.0.7680.178
No auth needed
Prerequisites: Windows platform · Google Chrome < 146.0.7680.178 · D3D12 (ANGLE) graphics backend
devstral-2 · analyzed Apr 07, 2026

Scores

CVSS v3: 8.8
EPSS: 0.0092
EPSS Percentile: 76.4%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: active
Automatable: no
Technical Impact: total

Details

CISA KEV: 2026-04-01
VulnCheck KEV: 2026-03-31
ENISA EUVD: EUVD-2026-17795
CWE: CWE-416
Status: published
Products (2):
google/chrome < 146.0.7680.177
Google/Chrome 146.0.7680.178
Published: Apr 01, 2026
KEV Added: Apr 01, 2026
Tracked Since: Apr 01, 2026