{"id":230205,"date":"2026-04-01T19:37:00","date_gmt":"2026-04-01T23:37:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/01\/u-s-cisa-adds-a-flaw-in-google-dawn-to-its-known-exploited-vulnerabilities-catalog\/"},"modified":"2026-04-01T20:05:21","modified_gmt":"2026-04-02T00:05:21","slug":"u-s-cisa-adds-a-flaw-in-google-dawn-to-its-known-exploited-vulnerabilities-catalog","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/01\/u-s-cisa-adds-a-flaw-in-google-dawn-to-its-known-exploited-vulnerabilities-catalog\/","title":{"rendered":"U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog"},"content":{"rendered":"

U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog<\/a><\/p>\n

https:\/\/securityaffairs.com\/190282\/security\/u-s-cisa-adds-a-flaw-in-google-dawn-to-its-known-exploited-vulnerabilities-catalog.html<\/a><\/p>\n

Publish Date: 2026-04-01 19:37:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ April 01, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog.<\/h2>\n

The U.S. Cybersecurity and Infrastructure Security Agency (CISA)\u00a0added\u00a0a flaw in Google Dawn, tracked as CVE-2026-5281 (CVSS score of 8.8), to its\u00a0Known Exploited Vulnerabilities (KEV) catalog.<\/p>\n

The flaw is a use after free in the Dawn component in Google Chrome prior to 146.0.7680.178. Google Dawn is the WebGPU component used for graphics processing. A remote attacker who had compromised the renderer process could exploit the flaw to execute arbitrary code via a crafted HTML page.<\/p>\n

According to CISA, this vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.<\/p>\n

This week, Google released Chrome updates fixing 21 vulnerabilities, including a new actively exploited zero-day tracked as CVE-2026-5281.<\/p>\n

Due to ongoing exploitation, the company urges users to update their browsers immediately to reduce the risk of attacks.<\/p>\n

\u201cGoogle is aware that an exploit for CVE-2026-5281 exists in the wild.\u201d\u00a0reads the advisory.<\/p>\n

A use-after-free (UAF) bug is a type of memory error where a program continues to use a piece of memory after it has already been freed (released).<\/p>\n

Attackers can exploit use-after-free bugs to crash applications, execute malicious code, or\u00a0take control of a system. Google fixed the Chrome zero-day and urges users to update to version 146.0.7680.177\/178 (Windows\/macOS) or 146.0.7680.177 (Linux).<\/p>\n

As usual, Google did not reveal technical details of the attacks exploiting this flaw or the type of attackers involved, to give users time to update and prevent others from exploiting it.<\/p>\n

CVE-2026-5281 is the fourth Chrome zero-day…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog https:\/\/securityaffairs.com\/190282\/security\/u-s-cisa-adds-a-flaw-in-google-dawn-to-its-known-exploited-vulnerabilities-catalog.html…<\/p>\n","protected":false},"author":1,"featured_media":230206,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2020\/07\/CISA.jpeg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,27],"class_list":["post-230205","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230205"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=230205"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230205\/revisions"}],"predecessor-version":[{"id":230207,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230205\/revisions\/230207"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/230206"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=230205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=230205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=230205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}