CVEReports
CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.

Product

  • Home
  • Sitemap
  • RSS Feed

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad



CVE-2026-5281

CVE-2026-5281: High-Severity Use-After-Free in Dawn WebGPU Implementation

Alon Barad
Alon Barad
Software Engineer

Apr 2, 2026·6 min read·170 visits

Executive Summary (TL;DR)

A Use-After-Free in Google Chrome's Dawn WebGPU component allows remote attackers to execute arbitrary code. The vulnerability involves a race condition in command buffer queue management and requires immediate patching to version 146.0.7680.178.

CVE-2026-5281 is a critical Use-After-Free (UAF) vulnerability located in the Dawn WebGPU backend of Chromium-based browsers. It allows remote attackers to execute arbitrary code via a crafted HTML page leveraging a race condition in the internal GPU task queue. The flaw is actively exploited in the wild.

Vulnerability Overview

Google Chrome versions prior to 146.0.7680.178 contain a high-severity Use-After-Free (UAF) vulnerability within the Dawn WebGPU implementation. Dawn serves as the open-source WebGPU backend for Chromium, translating modern GPU capabilities into underlying platform APIs such as D3D12, Metal, and Vulkan. The vulnerability, tracked as CVE-2026-5281, resides within the command buffer handling logic of the GPU task queue.

The flaw emerges when CommandBuffers are submitted for execution and subsequently destroyed in rapid succession. The system fails to maintain proper synchronization between the lifecycle of the buffer objects and the internal GPU task queue processing state. This lack of synchronization allows dangling pointers referencing the destroyed objects to persist within the queue.

An attacker can leverage these dangling pointers to execute arbitrary code within the context of the renderer process. Exploitation requires user interaction, specifically drawing the victim to a malicious HTML page hosting the WebGPU payload. The vulnerability has been observed under active exploitation in the wild, prompting its inclusion in the CISA Known Exploited Vulnerabilities catalog.

Root Cause Analysis

The core issue in CVE-2026-5281 is a race condition in the Dawn WebGPU backend's queue management system. Dawn maintains a sequential queue to organize command buffers submitted by the JavaScript execution environment before they are dispatched to the underlying hardware API. These command buffers encapsulate rendering and compute operations scheduled for GPU processing.

When a script submits operations to gpuDevice.queue, the backend allocates memory regions to track the asynchronous execution state of these tasks. The vulnerability manifests when the script invokes the .destroy() method on the associated buffer objects immediately after submission. The destruction routine deallocates the backing memory without synchronously halting or dequeuing the pending operations referencing that memory.

As the asynchronous task queue continues processing, it eventually reaches the submitted tasks that now contain invalid memory references. The backend attempts to read or execute data from the memory addresses previously assigned to the destroyed buffer objects. This state constitutes a classic Use-After-Free condition, enabling arbitrary memory access if the attacker has successfully reallocated the freed space.

Exploitation Methodology

The exploitation methodology relies on a precise sequence of WebGPU API calls to trigger the Use-After-Free and subsequently hijack the execution flow. The attacker initiates the chain by establishing a WebGPU context through a standard HTMLCanvasElement within a controlled web page. Upon acquiring the context, the exploit allocates a large volume of GPU buffers and constructs multiple compute pipelines.

The attacker then submits these command buffers to the GPU device queue in rapid succession, immediately followed by explicit calls to .destroy() on the buffer objects. This rapid allocation and destruction sequence maximizes the probability of winning the race condition against the internal GPU processing thread. The destruction frees the memory regions while the references remain active in the task queue.

To achieve code execution, the attacker performs heap spraying by reallocating buffers of identical sizes to reclaim the recently freed memory segments. These newly allocated blocks contain a malicious payload, typically constructed as shellcode or corrupted object headers. When the GPU queue processes the original dangling pointers, it operates on the attacker-controlled data.

// CVE-2026-5281 Aggressive UAF Trigger Snippet
async function triggerAggressiveUAF() {
    while (!crashDetected) {
        const tempBuffers = [];
        for (let i = 0; i < 200; i++) {
            const size = (64 + Math.floor(Math.random() * 16384)) * 4;
            tempBuffers.push(gpuDevice.createBuffer({
                size: size,
                usage: GPUBufferUsage.STORAGE | GPUBufferUsage.COPY_DST
            }));
        }
 
        const commands = [];
        for (let p = 0; p < tempBuffers.length / 2; p++) {
            const cmdEncoder = gpuDevice.createCommandEncoder();
            const computePass = cmdEncoder.beginComputePass();
            computePass.end();
            commands.push(cmdEncoder.finish());
        }
 
        gpuDevice.queue.submit(commands);
 
        for (let i = 0; i < tempBuffers.length; i++) {
            tempBuffers[i].destroy();
        }
        
        const reuseBuffer = gpuDevice.createBuffer({
            size: 4096,
            usage: GPUBufferUsage.STORAGE
        });
    }
}

Impact Assessment

The immediate impact of a successful CVE-2026-5281 exploit is unauthenticated remote code execution within the Chromium renderer process. The renderer process operates under a restricted sandbox environment, limiting the attacker's direct access to the underlying operating system. However, gaining arbitrary code execution in this context provides a necessary foothold for subsequent privilege escalation attacks.

To fully compromise a target system, an attacker must chain this vulnerability with a separate sandbox escape flaw. The initial execution context allows the attacker to read memory within the renderer process, potentially exposing sensitive data originating from the rendered web content. The CVSSv3.1 base score of 8.8 reflects the high severity of the vulnerability, driven by the network attack vector and the high impact on confidentiality, integrity, and availability.

The vulnerability affects multiple platforms due to Dawn's role as a translation layer for various graphics APIs. Vulnerable implementations include Windows using Direct3D 12, macOS using Metal, Linux using Vulkan, and ChromeOS using Mali drivers. This cross-platform applicability broadens the attack surface, requiring comprehensive patch deployment across all supported operating systems.

Remediation and Mitigation

The primary remediation for CVE-2026-5281 is updating all Chromium-based browsers to the patched versions. Google released Chrome version 146.0.7680.178 to address the vulnerability across Windows, macOS, and Linux platforms. Organizations utilizing Microsoft Edge, Opera, or other Chromium derivatives must apply corresponding updates provided by their respective vendors.

In enterprise environments, security teams should implement detection mechanisms to identify potential exploitation attempts. Monitoring browser error logs for unexpected GPU process crashes or "Device Lost" API errors provides a strong indicator of the race condition being triggered. While these errors occur during benign development, elevated frequencies correlate with exploit activity.

Administrators can utilize the cve_2026_5281_scanner.py research tool to audit local systems and fleet inventories for vulnerable browser installations. The scanner analyzes the BLBeacon registry key on Windows systems and extracts binary version information on Unix-like platforms. Disabling WebGPU via organizational group policies serves as a viable temporary mitigation if immediate patching is not feasible.

Technical Appendix

CVSS Score
8.8/ 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Systems

Google ChromeMicrosoft EdgeOperaChromium Embedded Framework (CEF)

Affected Versions Detail

Product
Affected Versions
Fixed Version
Google Chrome
Google
< 146.0.7680.178146.0.7680.178
Microsoft Edge
Microsoft
< 146.0.7680.178146.0.7680.178
Opera
Opera
< 146.0.7680.178146.0.7680.178
AttributeDetail
CVE IDCVE-2026-5281
CVSSv3.1 Score8.8 (High)
CWE IdentifierCWE-416
Attack VectorNetwork
ImpactRemote Code Execution (Renderer Process)
Exploit StatusActively Exploited (In the Wild)
CISA KEV StatusListed (Added 2026-04-01)

MITRE ATT&CK Mapping

T1203Exploitation for Client Execution
Execution
T1068Exploitation for Privilege Escalation
Privilege Escalation
CWE-416
Use After Free

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

Known Exploits & Detection

GitHubResearcher toolkit containing a vulnerability scanner and exploit generator for CVE-2026-5281.

Vulnerability Timeline

Vulnerability reported to Google by an anonymous researcher (Issue 491518608)
2026-03-24
Google releases Chrome 146.0.7680.178 as an emergency update
2026-03-31
CISA adds CVE-2026-5281 to the KEV catalog due to evidence of active exploitation
2026-04-01
Research toolkit and PoC published on GitHub by security researchers
2026-04-02

References & Sources

  • [1]Chrome Release Blog: Stable Channel Update for Desktop (2026-03-31)
  • [2]CISA KEV Catalog
  • [3]NVD Detail
  • [4]Chromium Issue Tracker: Issue 491518608
  • [5]Researcher Toolkit

Attack Flow Diagram

Press enter or space to select a node. You can then use the arrow keys to move the node around. Press delete to remove it and escape to cancel.
Press enter or space to select an edge. You can then press delete to remove it or escape to cancel.

More Reports

•1 day ago•CVE-2026-54269
5.3

CVE-2026-54269: Runtime Property Shadowing and Denial of Service in protobufjs

A property shadowing vulnerability exists in protobufjs where schema-derived names can collide with and overwrite runtime-critical internal helper properties. This issue leads to uncaught runtime exceptions and crash-based Denial of Service.

Alon Barad
Alon Barad
6 views•6 min read
•3 days ago•CVE-2025-6965
7.7

CVE-2025-6965: Remote Code Execution via Integer Truncation in SQLite Aggregate Parser

An integer truncation vulnerability (CWE-197) exists in SQLite before version 3.50.2 during the processing of aggregate queries with more than 32,767 distinct column references. This causes an internal 32-bit counter to truncate to a signed 16-bit integer, producing negative values that cause out-of-bounds heap operations in release builds.

Amit Schendel
Amit Schendel
13 views•6 min read
•3 days ago•CVE-2026-47291
9.8

CVE-2026-47291: Remote Code Execution in Windows HTTP.sys Kernel Driver

An integer overflow vulnerability in the Windows kernel-mode HTTP driver (HTTP.sys) allows an unauthenticated remote attacker to execute arbitrary code with kernel privileges or cause a Denial of Service via a specially crafted sequence of HTTP request headers.

Amit Schendel
Amit Schendel
26 views•8 min read
•3 days ago•CVE-2026-11822
7.8

CVE-2026-11822: Memory Corruption and Buffer Overflow in SQLite FTS5 Extension

A memory corruption vulnerability exists in the FTS5 (Full-Text Search 5) extension of SQLite prior to version 3.53.2. An attacker can construct a malicious database file containing corrupt FTS5 page data. Querying this database triggers out-of-bounds reads and heap-based buffer overflows, potentially causing a crash or arbitrary code execution.

Amit Schendel
Amit Schendel
8 views•5 min read
•4 days ago•CVE-2026-56350
6.3

CVE-2026-56350: SSO Enforcement Bypass in n8n via API Parameter Pollution / Mass Assignment

A mass assignment vulnerability (CWE-915) in n8n's self-service settings API endpoint (PATCH /me/settings) allows authenticated Single Sign-On (SSO) users to disable SSO enforcement for their accounts by injecting administrative parameters. This bypasses organizational identity provider controls and multi-factor authentication (MFA).

Amit Schendel
Amit Schendel
11 views•6 min read
•7 days ago•CVE-2026-55699
6.5

CVE-2026-55699: Arbitrary Directory Deletion via Path Traversal in pnpm globalBinDir Resolver

CVE-2026-55699 (also identified as GHSA-4gxm-v5v7-fqc4) is a critical path traversal and arbitrary directory deletion vulnerability in the pnpm package manager. The issue exists because the manifest validation process fails to prevent relative path segments within the package 'bin' keys. When a malicious package containing structured path traversal markers is globally installed and later manipulated, pnpm resolves the target paths through path.join() and passes the resolved paths to a recursive deletion function, resulting in arbitrary directory removal.

Amit Schendel
Amit Schendel
26 views•6 min read