Changeflow GovPing Data Privacy & Cybersecurity CVE-2026-5281 Google Dawn Use-After-Free Added ...
Priority review Notice Added Final

CVE-2026-5281 Google Dawn Use-After-Free Added to KEV Catalog

Favicon for www.cisa.gov CISA ICS-CERT Advisories
Published April 1st, 2026
Detected April 1st, 2026
Email

Summary

CISA added CVE-2026-5281, a Google Dawn Use-After-Free vulnerability, to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. The vulnerability poses significant risks to federal enterprise networks. BOD 22-01 establishes remediation requirements for Federal Civilian Executive Branch (FCEB) agencies.

View original document View source feed page

What changed

CISA has added one new vulnerability to the KEV Catalog: CVE-2026-5281 (Google Dawn Use-After-Free). This is a use-after-free vulnerability in Google Dawn, a web graphics library, with confirmed evidence of active exploitation. The KEV Catalog was established by BOD 22-01 as a living list of CVEs carrying significant risk to the federal enterprise.

FCEB agencies are required to remediate this vulnerability by the due date specified in the catalog. All organizations are urged by CISA to prioritize timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. Organizations should immediately check for instances of Google Dawn and this specific CVE in their environments and apply patches or mitigations.

What to do next

  1. Identify assets running Google Dawn and check for CVE-2026-5281
  2. Apply available patches or mitigations for the Use-After-Free vulnerability
  3. Prioritize this CVE in vulnerability management given active exploitation status

Source document (simplified)

Alert

CISA Adds One Known Exploited Vulnerability to Catalog

Release Date

April 01, 2026

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

  • CVE-2026-5281 Google Dawn Use-After-Free Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we welcome your feedback.

Named provisions

Known Exploited Vulnerabilities Catalog BOD 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities

Related changes

Favicon for www.cisa.gov Critical Authentication Bypass in PX4 Autopilot MAVLink Protocol
Urgent Mar 31, 2026 CISA ICS-CERT Advisories Data Privacy & Cybersecurity
Favicon for www.cisa.gov Critical Authentication Bypass Vulnerability in Anritsu Remote Spectrum Monitor
Urgent Mar 31, 2026 CISA ICS-CERT Advisories Data Privacy & Cybersecurity
Favicon for www.cisa.gov CVE-2026-3055 Citrix NetScaler Out-of-Bounds Read Added to KEV Catalog
Urgent Mar 30, 2026 CISA ICS-CERT Advisories Data Privacy & Cybersecurity
Favicon for www.csa.gov.sg Critical Axios Supply Chain Compromise via npm
Urgent Apr 01, 2026 CSA Alerts & Advisories (Singapore) Data Privacy & Cybersecurity
Favicon for www.cert.ssi.gouv.fr Multiples vulnérabilités dans les produits Microsoft
Priority review Apr 01, 2026 CERT-FR Security Advisories Data Privacy & Cybersecurity
Favicon for www.cert.ssi.gouv.fr Chrome Vulnerabilities - Actively Exploited CVE-2026-5281
Urgent Apr 01, 2026 CERT-FR Security Advisories Data Privacy & Cybersecurity

Source

Favicon for www.cisa.gov
CISA ICS-CERT Advisories cisa.gov/rss.xml
Data Privacy & Cybersecurity
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
CISA
Published
April 1st, 2026
Instrument
Notice
Legal weight
Binding
Stage
Final
Change scope
Substantive

Who this affects

Applies to
Government agencies Technology companies
Industry sector
5182 Data Processing & Hosting 5112 Software & Technology
Activity scope
Vulnerability Management Cybersecurity Remediation
Geographic scope
United States US

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Compliance frameworks
NIST CSF
Topics
Vulnerability Management Federal Civilian Executive Branch

Browse Categories

Agriculture & Food Safety 63 AI Regulation 3 Banking & Finance 266 Consumer & Competition 1 Consumer Protection 44 Courts & Legal 360 Data Privacy & Cybersecurity 74 Defense & National Security 52 Education 20 Energy 107 Environment 85 Government & Legislation 324 Healthcare 136 Housing 16 Immigration 9 Insurance 58 Labor & Employment 113 Legal & Courts 1 Pharma & Drug Safety 103 Securities & Markets 104 Tax 65 Tax & Revenue 1 Telecom & Technology 47 Trade & Sanctions 124 Transportation 57

Get Data Privacy & Cybersecurity alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when CISA ICS-CERT Advisories publishes new changes.

Optional. Personalizes your daily digest.

Free. Unsubscribe anytime.