Denial of Service Risk in Intel NPU Drivers for User Applications
CVE-2025-26402

6.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Npu Drivers
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-26402?

A vulnerability exists in certain Intel NPU Drivers where a failure in protection mechanisms for User Applications can be exploited, leading to potential denial of service. This issue allows an unprivileged software attacker, who is already authenticated, to execute a low complexity attack. The attack is feasible via local access and does not necessitate special internal knowledge or user interaction. Consequently, this vulnerability may significantly affect the availability of the affected system.

Affected Version(s)

Intel(R) NPU Drivers See references

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Mar 6, 2025

JSON