CVE-2026-22166

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

CVE-2026-22165

CVE-2026-22165 involves a flaw in a GPU DDK where a web page serving unusual WebGPU content loaded into the GPU GLES render process can trigger a write UAF in the GPU GLES user-space shared library. The root cause is described as UAF reads of GLES3Context::psDrawParams and GLES3Context::psMode an...

CVE-2026-22165 GPU DDK - UAF read of GLES3Context::psDrawParams and GLES3Context::psMode and UAF read/write of RMJob::apsCCBs

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

CVE-2026-22167

CVE-2026-22167 concerns a GPU DDK vulnerability where cache-resident PM buffers can be written by other GPU requestors. The issue allows software running as a non-privileged user to issue improper GPU system calls, forcing the GPU to write to arbitrary physical memory pages. Under certain conditi...

GHSA-RCH3-82JR-F9W9 vulnerabilities

Vulnerabilities for packages: jupyter-base-notebook, tensorflow-cpu-jupyter, datahub-ingestion, tensorflow-gpu-jupyter, datahub-ingestion-fips...

CVE-2026-40171 vulnerabilities

Vulnerabilities for packages: jupyter-base-notebook, tensorflow-cpu-jupyter, datahub-ingestion, tensorflow-gpu-jupyter, datahub-ingestion-fips...

Chromium: CVE-2026-7357 Use after free in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Imagination Graphics DDK 资源管理错误漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a resource management error vulnerability that stems from a write-release-after-reuse crash triggered when WebGPU content is loaded into the GPU GLES rendering process, which cou...

Imagination Graphics DDK 缓冲区错误漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a buffer error vulnerability that arises from software run by an unprivileged user that may execute improper GPU system calls to force the GPU to write to arbitrary physical memo...

PT-2026-36498

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

PT-2026-36496

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

PT-2026-36497

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A web page containing unusual WebGPU content loaded into the GPU GLES render process can trigger a write Use-After-Free UAF crash in the GPU GLES user-space shar...

KLA91012 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in media can be exploited remotely to execute...

Security update for chromium (critical)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0161-1 Rating: critical References: 1263158 Cross-References: CVE-2026-6919 CVE-2026-6920 CVE-2026-6921 CVE-2026-7333 CVE-2026-7334 CVE-2026-7335 CVE-2026-7336 CVE-2026-7337 CVE-2026-7338 CVE-2026-7339...

SUSE CVE-2026-7333

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-7333

An use after free flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493955227...

Linux Distros Unpatched Vulnerability : CVE-2026-7333

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromi...

Google Chrome < 147.0.7727.137 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 147.0.7727.137. It is, therefore, affected by multiple vulnerabilities as referenced in the 202604stable-channel-update-for-desktop28 advisory. - Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to...

Linux Distros Unpatched Vulnerability : CVE-2026-7357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap...

DEBIAN-CVE-2026-7333

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...