CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability

...

CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability

...

EUVD-2026-35758

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...

CVE-2026-44803

CVE-2026-44803 describes an integer overflow/wraparound in Windows Win32K - GRFX that can allow a local attacker to execute code. The vulnerability is identified across multiple sources (NVD, CVE listing, and MSRC update page) and is classified with a high impact: local code execution, requiring ...

CVE-2026-42986 Microsoft Graphics Component Elevation of Privilege Vulnerability

...

EUVD-2026-35737

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

CVE-2026-42986 Microsoft Graphics Component Elevation of Privilege Vulnerability

...

CVE-2026-42986

CVE-2026-42986 describes a use-after-free in the Microsoft Graphics Component that allows an authorized attacker to elevate privileges locally. Affected: Microsoft Graphics Component; vulnerability class: use-after-free leading to local privilege escalation. Root cause as stated: after-free condi...

NVIDIA GPU Display Driver and vGPU Software Vulnerabilities - Lenovo Support US

No description provided...

CVE-2026-34194

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of a mapping state maintained for a sparse memory allocation. The product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled acro...

CVE-2026-25558

QloApps through 1.7.0 contains a stored cross-site scripting vulnerability in the admin file manager that allows authenticated administrators to inject malicious JavaScript by uploading crafted SVG files. Attackers can embed JavaScript event handlers such as onload within SVG files uploaded throu...

Chromium: CVE-2026-11082 Use after free in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11064 Uninitialized Use in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11045 Insufficient validation of untrusted input in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Windows Graphics Component Remote Code Execution Vulnerability

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...

Microsoft Graphics Component Elevation of Privilege Vulnerability

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

Windows Graphics Component Remote Code Execution Vulnerability

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...

SUSE CVE-2025-71315

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

EUVD-2026-35272

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

EUVD-2026-35214

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...