VYPR
High severity8.1NVD Advisory· Published Apr 12, 2026· Updated Apr 16, 2026

CVE-2026-40393

CVE-2026-40393

Description

In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4

Patches

Vulnerability mechanics

References

2

News mentions

1