CVE-2026-41157

The CVE-2026-41157 entry concerns Imagination Graphics DDK with an OOB write in the GPU driver when processing WebGPU content in the GLES render path. The root cause is an integer overflow while computing a required memory size from untrusted input, which can yield a value smaller than needed; su...

CVE-2026-41155 GPU DDK - SharedSecMem mapped into all GPU virtual address spaces

An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disrupt the operation of another secure GPU process leading to image corruption / GPU hardware recover...

CVE-2026-41155 GPU DDK - SharedSecMem mapped into all GPU virtual address spaces

An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disrupt the operation of another secure GPU process leading to image corruption / GPU hardware recover...

CVE-2026-34195 GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page translation from virtual page indexes

Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping...

EUVD-2026-36331

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

PT-2026-49023

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Software installed and run as a non-privileged user may perform GPU system calls to write to arbitrary freed physical pages. This occurs because physical memory...

CVE-2026-12030

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-12023

Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-12033

CVE-2026-12033 affects Google Chrome’s VideoCapture component. The issue is an out-of-bounds read in VideoCapture that could allow a remote attacker who has compromised the GPU process to read potentially sensitive data from process memory via a crafted HTML page. The vulnerability is tied to Chr...

CVE-2026-12028

Use after free in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-12030

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-12023

CVE-2026-12023 is a use-after-free in the GPU code of Google Chrome for Mac, prior to version 149.0.7827.115. The flaw could be exploited by a remote attacker who had already compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTML page. Affected software is Ch...

CVE-2026-12023

Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-12010

Heap buffer overflow in the GPU component of Google Chrome on Android (vulnerable before 149.0.7827.115) could allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The issue affects Chrome on Android and is classified as Criti...

CVE-2026-12010

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

PT-2026-48769

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.115 Description A use after free issue in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use aft...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a security vulnerability caused by an out-of-bound write issue in the GPU component. This vulnerability could allow remote attackers to execute sandbox escape through a specially...

PT-2026-48776

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.115 Description An out-of-bounds write occurs in the GPU component. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by...

CVE-2026-11672

An out of bounds write flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516794471...

Important: Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (cuda)

Red Hat AI Inference Server Model Optimization Tools 3.2.2 cuda is now available. Red Hat® AI Inference Server Model Optimization Tools...