CVE-2026-21732CRITICAL 9.6EPSS p20.3%

CVE-2026-21732CVE-2026-21732

Description

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An edge case using a very large value in switch statements in GPU shader code can cause a segmentation fault in the GPU shader compiler due to an out-of-bounds write access.

Scoring

CVSS 3.19.6 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS0.29% probability of exploitation · percentile 20.3% · 2026-06-19T12:03:05Z
Published2026-03-20
Last modified2026-04-21

Underlying weaknesses· 2

CWE-823CWE-787

References

  1. https://www.imaginationtech.com/gpu-driver-vulnerabilities/

2

TypeTargetConfidenceTier
WeaknessOut-of-bounds Writecwe-7870%live
WeaknessUse of Out-of-range Pointer Offsetcwe-8230%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-13952
CVE
CVE-2026-22165
CVE
CVE-2026-22166
CVE
CVE-2026-22167
CVE
CVE-2026-22164
CVE
CVE-2026-5272
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.