Critical severity9.6NVD Advisory· Published Mar 20, 2026· Updated Apr 21, 2026

CVE-2026-21732

Description

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device.

An edge case using a very large value in switch statements in GPU shader code can cause a segmentation fault in the GPU shader compiler due to an out-of-bounds write access.

Affected products

Imaginationtech/Ddk4 versions
cpe:2.3:a:imaginationtech:ddk:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:imaginationtech:ddk:*:*:*:*:*:*:*:*range: >=24.1,<=25.1
- cpe:2.3:a:imaginationtech:ddk:1.17:*:*:*:*:*:*:*
- cpe:2.3:a:imaginationtech:ddk:1.18:*:*:*:*:*:*:*
- cpe:2.3:a:imaginationtech:ddk:23.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.imaginationtech.com/gpu-driver-vulnerabilities/nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.624
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000