You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-5280
About this tag
CVE-2026-5280 is a use-after-free vulnerability in the WebCodecs component of Chromium, affecting Google Chrome prior to version 146.0.7680.178 and Microsoft Edge. The flaw allows a remote attacker to execute arbitrary code within the browser sandbox via a crafted HTML page. This tag covers discussions about patching Chrome and Edge, the memory-safety nature of the bug, and the shared remediation path for Chromium-based browsers. Users are advised to update their browsers to the latest versions to mitigate the risk.
Chromium’s CVE-2026-5280 is another reminder that browser security is still dominated by memory-safety failures in code paths most users never think about. The flaw is a use-after-free in WebCodecs affecting Google Chrome prior to 146.0.7680.178, and Google says a remote attacker could exploit...