CVE-2026-5284: Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the render

Description

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Affected Products

Vendor	Product	Versions
dawn	in google chrome	146.0.7680.178

References

Related News (3 articles)

Tier D

SecurityWeek2h ago

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

→ No new info (linked only)

Tier C

VulDB11h ago

CVE-2026-5284 | Google Chrome up to 146.0.7680.165 Dawn use after free (ID 492139)

→ No new info (linked only)

Tier B

CERT-FR17h ago

Multiples vulnérabilités dans Google Chrome (01 avril 2026)

→ No new info (linked only)

CVSS 3.17.5 HIGH

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

146.0.7680.178

CWECWE-416

PublishedApr 1, 2026

Last enriched10h agov2

Trending Score67

Source articles3

Independent3

Info Completeness8/14

Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

Version History

Last enriched 10h ago

v2Tier C10h ago

Updated severity to CRITICAL, affected versions to include 146.0.7680.165, and noted that the vulnerability is actively exploited.

severityaffectedVersionsactivelyExploited

via VulDB

v111h ago

Initial creation

CVE-2026-5284: Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the render

Description

Affected Products

References

Related News (3 articles)

Community Vote

Related CVEs (2)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History