top of page
perceptive_background_267k.jpg

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared librar…

Published:

30 April 2026 at 22:00:00

Alert date:

1 May 2026 at 19:02:19

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Operating Systems

CVE-2026-22166 is a use-after-free vulnerability in GPU GLES user-space shared library triggered by unusual WebGPU content in web pages. The vulnerability can cause write UAF crashes in the GPU GLES render process. On platforms where graphics processes run with system privileges, this could enable privilege escalation and subsequent system exploitation. The vulnerability affects the WebGPU implementation and GPU driver components.

Technical details

Mitigation steps:

Affected products:

WebGPU
GPU GLES
Imagination Technologies GPU Driver

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-22166
https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page