WebGPU Content Processing Vulnerability in Imagination Technologies GPU Driver
CVE-2026-22165

Currently unrated

Key Information:

Vendor: Imagination Technologies
Status: Graphics Ddk
Vendor: CVE Published:; 1 May 2026

🔔 Create Imagination Technologies Vulnerability Alert

What is CVE-2026-22165?

A vulnerability exists in the Imagination Technologies GPU Driver due to the handling of unusual WebGPU content. When this content is processed, it can lead to a write Use-After-Free (UAF) condition within the GPU GLES render process. In scenarios where the graphics workload is executed with system privileges, this may open avenues for further exploitation, potentially compromising the security of the device.

Affected Version(s)

Graphics DDK Linux 1.18 RTM

Graphics DDK Linux 23.2 RTM

Graphics DDK Linux 24.1 RTM <= 24.2 RTM

References

https://www.imaginationtech.com/gpu-driver-vulnerabilities/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 1, 2026
Vulnerability Reserved
Jan 6, 2026

CVE-2026-22165 Data

JSON