Vulnerability intelligence
CVE-2026-5284
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVSS Score
7.5
High
EPSS — Exploit Probability
0.3%
Riskier than 20% of all CVEs
Exploitation
Not in CISA KEV
No federal exploitation record
Remediation
Patch available
Vendor fix published
1 article across 1 outlet · first covered Apr 1, 2026 · latest Apr 1, 2026
Tracked incidents
Coverage timeline
-
Exploited Zero-Day Among 21 Vulnerabilities Patched in Chromewww.securityweek.com · Apr 1, 2026