CVE-2026-5281 (CVSS 8.8, CISA KEV) is a use-after-free in Google Dawn, the WebGPU engine embedded in all Chromium-based browsers, functioning as a sandbox escape in a multi-stage exploitation chain. CISA has set a federal remediation deadline of 2026-04-15, confirming active in-the-wild exploitation. Affected specific version ranges were not confirmed in available source data; organizations should apply the latest Chrome and Edge updates immediately and verify patched version numbers against official vendor advisories.