CVE-2026-2441
Google Chromium CSS Use-After-Free Vulnerability - [Actively Exploited]
Description
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
INFO
Published Date: Feb. 13, 2026, 7:17 p.m.
Last Modified: Feb. 23, 2026, 1:24 p.m.
Remotely Exploitable: Yes
Source: [email protected]
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Unknown
https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html ; https://nvd.nist.gov/vuln/detail/CVE-2026-2441
Affected Products
The following products are affected by the CVE-2026-2441 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| | CVSS 3.1 | HIGH | | | | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| | CVSS 3.1 | HIGH | | | | [email protected] |
Solution
- Update Google Chrome to version 145.0.7632.75 or later.
- Ensure the browser is automatically updated.
Public PoC/Exploit Available at Github
CVE-2026-2441 has 29 public PoCs/exploits available on GitHub. Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-2441.
| URL | Resource |
|---|---|
| https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html | Release Notes |
| https://issues.chromium.org/issues/483569511 | Issue Tracking, Permissions Required |
| https://github.com/huseyinstif/CVE-2026-2441-PoC/blob/main/poc.html | Exploit |
| https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-2441 | US Government Resource |
CWE - Common Weakness Enumeration
While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-2441 is associated with the following CWEs:
- CWE-416: Use After Free
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2026-2441 weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proofs of concept that have been published on GitHub (sorted by most recently updated).
CVE-2026-5281 (Chrome Dawn WebGPU UAF) analysis, lab validation tools, and reproducible environment for vulnerable vs patched builds.
google-chrome cve-2026-5281 browser-exploitation
Python HTML
Security research and exploit development: vulnerability analysis, exploit chain implementation, post-exploitation tradecraft, and defensive assessment tooling. Covers browser engines, persistence mechanisms, credential harvesting, C2 patterns, and AI-accelerated attack automation.
ai-security browser-security credential-harvesting cve exploit-development post-exploitation proof-of-concept red-team reverse-engineering security-research streamlit vulnerability-analysis worm
Shell HTML JavaScript Batchfile PowerShell Python Makefile Rust
Daily archive of the top 10 Hacker News stories, organized by date
archive daily hacker-news hn
Python Shell
UAF Practice Lab - Use-After-Free vulnerability practice environment
Shell C
Task types in Benchmark v0: 1) **CWE classification**: determine the CWE from the CVE description. 2) **Summarization**: briefly describe the essence of the vulnerability (1–2 sentences).
Python
Demonstrate a proof-of-concept exploit for CVE-2026-2441, a high-risk Chrome use-after-free vulnerability in the Blink CSS engine.
agent agents chinese gluon hacktoberfest notebook obfuscation person-reid poc rag semantic-segmentation testnet testnet-faucet vulnerability web3 zdi
Results are limited to the first 15 repositories due to potential performance issues.
The following list contains news articles that mention the CVE-2026-2441 vulnerability anywhere in the article.
- Daily CyberSecurity: Breaking the App Shell: Five New Electron Vulnerabilities Shatter Context Isolation
  The Electron framework—the powerhouse behind heavyweights like Visual Studio Code and countless other cross-platform desktop applications —has released a series of important patches to address five si ...
- Daily CyberSecurity: Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild
  Security teams are on high alert as Fortinet confirms that a critical vulnerability in its FortiClient EMS (Endpoint Management Server) is currently being leveraged by attackers in active campaigns. T ...
- SentinelOne: The Good, the Bad and the Ugly in Cybersecurity – Week 14
  The Good | SentinelOne AI EDR Stops LiteLLM Supply Chain Attack in Real Time This week, SentinelOne demonstrated how autonomous, AI-driven endpoint protection can detect and stop sophisticated supply ...
- TheCyberThrone: CVE-2026-5281 — Google Chrome Dawn Use-After-Free Under Active Exploitation
  April 2, 2026: CISA has added CVE-2026-5281 to its Known Exploited Vulnerabilities catalog, marking the fourth Chrome zero-day exploited in the wild during 2026 alone. Federal agencies are required to r ...
- The Hacker News: New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released
  Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerab ...
- Daily CyberSecurity: Exploited in the Wild: Google Issues Emergency Patch for Chrome Zero-Day (CVE-2026-5281) in Dawn Component
  Google has released a critical security update for the Chrome Stable channel to address 21 security vulnerabilities. While the patch covers a wide array of flaws, one particular bug has put security t ...
- Daily CyberSecurity: The 30-Year Glitch: RCE and ARM Exploits Uncovered in libpng Reference Library
  Security researchers have disclosed two significant vulnerabilities in libpng, the official reference library for Portable Network Graphics (PNG). The flaws, which impact versions spanning decades of ...
- Daily CyberSecurity: 8 High-Severity Risks Fixed: Chrome Desktop Update Fixes Critical Memory and Buffer Flaws
  In a significant move to bolster user safety, a new Chrome Stable Channel Update has been launched for desktop users. The update brings the browser version to 146.0.7680.164/165 for Windows and Mac, w ...
- The Cyber Express: AI-Driven Phishing Campaign Uses Browser Permissions to Harvest Sensitive Data
  A new AI-driven phishing campaign, uncovered by Cyble Research & Intelligence Labs (CRIL) demonstrates how attackers are moving beyond traditional credential theft and adopting more invasive, technolo ...
- The Register: Google rushes Chrome update fixing two zero-days already under attack
  Google has pushed out an emergency Chrome update to fix two previously unknown vulnerabilities that attackers were already exploiting before the patches landed. The bugs, tracked as CVE-2026-3909 and ...
- The Hacker News: Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8
  Google on Thursday released security updates for its Chrome web browser to address two high-severity vulnerabilities that it said have been exploited in the wild. The list of vulnerabilities is as fol ...
- Daily CyberSecurity: Double Zero-Day Threat: Emergency Chrome Update Patches Actively Exploited Skia and V8 Flaws
  In a significant update to the Chrome Stable channel, Google has patched two high-severity vulnerabilities that threat actors are currently exploiting in the wild. This emergency rollout brings the br ...
- The Cyber Express: The State of Cyber Warfare in 2026: Nation-State Attacks, AI Weapons, and the New Digital Battlefield
  Cyber operations no longer occur only during wartime. Digital activity now runs continuously alongside diplomacy, sanctions, and military tensions. This has become particularly visible amid escalating ...
- Daily CyberSecurity: Chrome 146 Arrives with 29 Security Fixes: Critical WebML Flaw Discovered
  Google has officially promoted Chrome 146 to the stable channel for Windows, Mac, and Linux, kicking off a global rollout that will reach users over the coming days and weeks. While the update brings ...
- Daily CyberSecurity: Update Chrome Now: Google Patches 3 Critical Flaws and 7 High-Risk Vulnerabilities
  Google has released an urgent update for the Chrome Stable channel, addressing 10 security vulnerabilities, including three rated as “Critical” and seven rated as “High” severity. The update is rollin ...
- Daily CyberSecurity: Critical 10.0 CVSS Flaw in Cisco Secure FMC Hands Hackers Root Access to Enterprise Firewalls
  Cybersecurity researchers have identified a critical vulnerability in Cisco Secure Firewall Management Center (FMC) Software, the administrative “nerve center” used to manage unified security policies ...
- Daily CyberSecurity: CISA Adds Qualcomm and VMware Flaws to Known Exploited Catalog
  The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog, adding two high-stakes flaws that are reportedly being weaponized in the wil ...
- Daily CyberSecurity: WordPress Security Alert: Critical Privilege Escalation Flaw in Popular Membership Plugin
  A massive security hole has been discovered in the User Registration & Membership plugin for WordPress, a popular tool used by over 60,000 websites to manage tiered subscription plans and custom login ...
- Daily CyberSecurity: Critical RCE Flaw in Qwik Framework Allows Server Takeover via Single Request
  Security researchers have identified a critical vulnerability in Qwik, the popular web framework known for its “instant-on” performance and resumability. The flaw, tracked as CVE-2026-27971, carries a ...
The following table lists the changes that have been made to the CVE-2026-2441 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- Modified Analysis by [email protected], Feb. 23, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CVSS V3.1 | | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| Added | CWE | | CWE-416 |
| Added | Reference Type | | CISA-ADP: https://github.com/huseyinstif/CVE-2026-2441-PoC/blob/main/poc.html Types: Exploit |

- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0, Feb. 20, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | | https://github.com/huseyinstif/CVE-2026-2441-PoC/blob/main/poc.html |

- Modified Analysis by [email protected], Feb. 18, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference Type | | CISA-ADP: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-2441 Types: US Government Resource |

- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0, Feb. 17, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Reference | | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-2441 |

- Initial Analysis by [email protected], Feb. 17, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CPE Configuration | | AND OR *cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to (excluding) 145.0.7632.75 OR cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
| Added | CPE Configuration | | AND OR *cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to (excluding) 145.0.7632.76 OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
| Added | Reference Type | | Chrome: https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html Types: Release Notes |
| Added | Reference Type | | Chrome: https://issues.chromium.org/issues/483569511 Types: Issue Tracking, Permissions Required |

- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0, Feb. 13, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | CVSS V3.1 | | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |

- New CVE Received by [email protected], Feb. 13, 2026

| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Description | | Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| Added | CWE | | CWE-416 |
| Added | Reference | | https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html |
| Added | Reference | | https://issues.chromium.org/issues/483569511 |