Google has patched one other zero-day vulnerability in Chrome, its fourth this 12 months. In patching the vulnerability, tracked as CVE-2026-5281, the corporate acknowledged that an exploit for it already exists within the wild.
Based on the report in NIST’s Nationwide Vulnerability Database, the vulnerability in Daybreak, the implementation of WebGPU utilized by Chrome, allowed a distant attacker who had compromised the renderer course of to execute arbitrary code by way of a crafted HTML web page. It suggested customers to replace to Chrome 146.0.7680.178 or newer.
The three earlier vulnerabilities patched in Chrome this 12 months had been in several areas of the code.
