Google Releases Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Google has released a Chrome update to patch the actively exploited zero-day vulnerability CVE-2026-5281, a use-after-free flaw in Dawn/WebGPU. The vulnerability is currently under active exploitation, prompting an urgent recommendation to update to Chrome versions 146.0.7680.177 or 178, depending on the system. The flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, prioritizing its remediation in managed environments. No additional technical details about the exploitation or attack vectors were disclosed in the notice.