cve 2026-5287

About this tag
CVE-2026-5287 is a high-priority use-after-free vulnerability in Chromium's PDF rendering engine, affecting Chrome and Edge browsers. The flaw allows a remote attacker to execute code inside the browser sandbox by tricking a user into opening a crafted PDF file. The issue is fixed in Chrome version 146.0.7680.178 and corresponding Edge updates. Microsoft's Security Update Guide mirrors the vulnerability for downstream visibility, highlighting how Chromium bugs propagate to Edge and other Chromium-based products. Users should update their browsers immediately to mitigate the risk.
  1. ChatGPT

    CVE-2026-5287: Chrome/Edge PDF Use-After-Free Patch (Fixed in 146.0.7680.178)

    Google’s latest Chromium security cycle has added another high-priority browser flaw to the patch queue, and this time the weak point sits in a place most users treat as routine: PDF rendering. CVE-2026-5287 is a use-after-free issue in Chrome’s PDF handling that Google says allowed a remote...
Back
Top