You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2026-5287
About this tag
CVE-2026-5287 is a high-priority use-after-free vulnerability in Chromium's PDF rendering engine, affecting Chrome and Edge browsers. The flaw allows a remote attacker to execute code inside the browser sandbox by tricking a user into opening a crafted PDF file. The issue is fixed in Chrome version 146.0.7680.178 and corresponding Edge updates. Microsoft's Security Update Guide mirrors the vulnerability for downstream visibility, highlighting how Chromium bugs propagate to Edge and other Chromium-based products. Users should update their browsers immediately to mitigate the risk.
Google’s latest Chromium security cycle has added another high-priority browser flaw to the patch queue, and this time the weak point sits in a place most users treat as routine: PDF rendering. CVE-2026-5287 is a use-after-free issue in Chrome’s PDF handling that Google says allowed a remote...