What is the CVSS score of EUVD-2026-26662?

EUVD-2026-26662 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Imagination Graphics DDK are affected by EUVD-2026-26662?

CVE-2026-22165 affects Imagination Technologies Graphics DDK and allows authenticated remote attackers to execute arbitrary code or trigger denial-of-service through malicious WebGPU content, with…

Imagination Graphics DDK EUVD-2026-26662

| CVE-2026-22165 HIGH

Use After Free (CWE-416)

2026-05-01 367425dc-4d06-4041-9650-c2dc6aaa27ce

Denial Of Service Use After Free Memory Corruption

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 01, 2026 - 20:22 vuln.today

CVSS changed

May 01, 2026 - 20:22 NVD

8.1 (None) 8.1 (HIGH)

EUVD ID Assigned

May 01, 2026 - 16:22 euvd

EUVD-2026-26662

Analysis Generated

May 01, 2026 - 16:22 vuln.today

CVE Published

May 01, 2026 - 16:16 nvd

HIGH 8.1

DescriptionNVD

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the device.

AnalysisAI

Remote authenticated attackers can execute code or cause persistent denial-of-service in Imagination Technologies Graphics DDK by triggering a use-after-free in the GPU GLES render process via specially crafted WebGPU content. On platforms where the GPU driver runs with elevated system privileges, successful exploitation enables device-level compromise beyond the browser sandbox. …

RemediationAI

Within 24 hours: Inventory all systems using Imagination Technologies Graphics DDK and document GPU driver privilege levels; restrict WebGPU access on affected systems where feasible through browser policy or disabled hardware acceleration. Within 7 days: Implement application-level controls to block untrusted WebGPU content and conduct risk assessment of affected device categories by deployment context (e.g., shared computing environments vs. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-26662 vulnerability details – vuln.today

Back