CVE-2026-45195
- EPSS 0.11%
- Veröffentlicht 26.06.2026 15:18:20
- Zuletzt bearbeitet 29.06.2026 18:44:21
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by ...
CVE-2026-21734
- EPSS 0.12%
- Veröffentlicht 26.06.2026 15:14:00
- Zuletzt bearbeitet 29.06.2026 18:44:35
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this ...
CVE-2026-22167
- EPSS 0.15%
- Veröffentlicht 01.05.2026 16:16:29
- Zuletzt bearbeitet 01.06.2026 17:10:47
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the G...
CVE-2026-22166
- EPSS 0.35%
- Veröffentlicht 01.05.2026 16:16:29
- Zuletzt bearbeitet 01.06.2026 17:15:17
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privilege...
CVE-2026-22165
- EPSS 0.35%
- Veröffentlicht 01.05.2026 16:16:29
- Zuletzt bearbeitet 01.06.2026 17:15:59
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privile...
CVE-2026-22163
- EPSS 0.08%
- Veröffentlicht 20.03.2026 22:52:43
- Zuletzt bearbeitet 21.04.2026 16:53:35
Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages. The product utilises a shared resou...
CVE-2026-21732
- EPSS 0.29%
- Veröffentlicht 20.03.2026 22:48:42
- Zuletzt bearbeitet 21.04.2026 16:55:05
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this ...
CVE-2026-21736
- EPSS 0.12%
- Veröffentlicht 09.03.2026 12:23:38
- Zuletzt bearbeitet 10.03.2026 18:46:06
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory. This is caused by improper handling of the memory protections for the user-mode wrapped memory ...
CVE-2025-13952
- EPSS 0.42%
- Veröffentlicht 24.01.2026 02:26:49
- Zuletzt bearbeitet 28.01.2026 18:33:18
A web page that contains unusual GPU shader code is loaded from the Internet into the GPU compiler process triggers a write use-after-free crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges...
CVE-2025-10865
- EPSS 0.11%
- Veröffentlicht 13.01.2026 17:26:45
- Zuletzt bearbeitet 30.01.2026 18:39:09
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where pot...