VuXML: chromium -- security fixes

VuXML ID	1dc2aae1-0793-4dbd-8548-e63ae0e1bdaf
Discovery	2026-03-31
Entry	2026-04-01

Chrome Releases reports:

This update includes 21 security fixes:

[493952652] High CVE-2026-5273: Use after free in CSS. Reported by Anonymous on 2026-03-18

[491732188] High CVE-2026-5272: Heap buffer overflow in GPU. Reported by inspector-ambitious on 2026-03-11

[488596746] High CVE-2026-5274: Integer overflow in Codecs. Reported by heapracer (@heapracer) on 2026-03-01

[489494022] High CVE-2026-5275: Heap buffer overflow in ANGLE. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-04

[489711638] High CVE-2026-5276: Insufficient policy enforcement in WebUSB. Reported by Ariel Simon on 2026-03-04

[489791424] High CVE-2026-5277: Integer overflow in ANGLE. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-05

[490254128] High CVE-2026-5278: Use after free in Web MIDI. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-06

[490642836] High CVE-2026-5279: Object corruption in V8. Reported by Hyeonjun Ahn (@_deayzl) on 2026-03-08

[491515787] High CVE-2026-5280: Use after free in WebCodecs. Reported by heapracer (@heapracer) on 2026-03-11

[491518608] High CVE-2026-5281: Use after free in Dawn. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-10

[491655161] High CVE-2026-5282: Out of bounds read in WebCodecs. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-11

[492131521] High CVE-2026-5283: Inappropriate implementation in ANGLE. Reported by sweetchip on 2026-03-12

[492139412] High CVE-2026-5284: Use after free in Dawn. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-12

[492228019] High CVE-2026-5285: Use after free in WebGL. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-13

[493900619] High CVE-2026-5286: Use after free in Dawn. Reported by sweetchip on 2026-03-18

[494644471] High CVE-2026-5287: Use after free in PDF. Reported by Syn4pse on 2026-03-21

[495507390] High CVE-2026-5288: Use after free in WebView. Reported by Google on 2026-03-23

[495931147] High CVE-2026-5289: Use after free in Navigation. Reported by Google on 2026-03-25

[496205576] High CVE-2026-5290: Use after free in Compositing. Reported by Google on 2026-03-25

[490118036] Medium CVE-2026-5291: Inappropriate implementation in WebGL. Reported by heapracer (@heapracer) on 2026-03-06

[492213293] Medium CVE-2026-5292: Out of bounds read in WebCodecs. Reported by Google on 2026-03-12

[source]

CVE Name	CVE-2026-5272
CVE Name	CVE-2026-5273
CVE Name	CVE-2026-5274
CVE Name	CVE-2026-5275
CVE Name	CVE-2026-5276
CVE Name	CVE-2026-5277
CVE Name	CVE-2026-5278
CVE Name	CVE-2026-5279
CVE Name	CVE-2026-5280
CVE Name	CVE-2026-5281
CVE Name	CVE-2026-5282
CVE Name	CVE-2026-5283
CVE Name	CVE-2026-5284
CVE Name	CVE-2026-5285
CVE Name	CVE-2026-5286
CVE Name	CVE-2026-5287
CVE Name	CVE-2026-5288
CVE Name	CVE-2026-5289
CVE Name	CVE-2026-5290
CVE Name	CVE-2026-5291
CVE Name	CVE-2026-5292
URL	https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html

chromium -- security fixes

Details

References