Home

Description

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the device.

PUBLISHED Reserved 2026-01-06 | Published 2026-05-01 | Updated 2026-05-01 | Assigner imaginationtech

Problem types

CWE-416: Use After Free

Product status

Default status
unknown

1.18 RTM (custom)
affected

23.2 RTM (custom)
affected

24.1 RTM (custom)
affected

25.1 RTM (custom)
affected

26.1 RTM (custom)
unaffected

References

www.imaginationtech.com/gpu-driver-vulnerabilities/

cve.org (CVE-2026-22165)

nvd.nist.gov (CVE-2026-22165)

Download JSON