CVE-2026-21734 — HIGH (7.7)

Vulnerability Description

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An edge case using a very small value in GPU shader code can cause a segmentation fault in the GPU shader compiler due to am out-of-bounds write.

CVSS Score

7.7

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

HIGH

Related Weaknesses (CWE)

CWE-823

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

FAQ

What is CVE-2026-21734?

CVE-2026-21734 is a vulnerability with a CVSS score of 7.7 (HIGH). A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, whe...

How severe is CVE-2026-21734?

CVE-2026-21734 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-21734?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.