# CVE-2026-5284

> Use after free in Dawn (WebGPU) in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This is the third Dawn use-after-free vulnerability reported by the same researcher who disclosed CVE-2026-4676 and CVE-2026-5281, suggesting systematic research into Chrome's GPU subsystem. Patched in Chrome 146.0.7680.177/178 released March 31, 2026 as part of an emergency update addressing 21 total vulnerabilities. (Chromium security severity: High)

- **CVSS:** 7.5 (HIGH)
- **EPSS:** 0.1%
- **CWE:** CWE-416

Canonical: https://intel.threadlinqs.com/cve/CVE-2026-5284
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp