CVE-2026-21736

EUVD-2026-10330
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permission to read-only wrapped user-mode memory.

This is caused by improper handling of the memory protections for the user-mode wrapped memory resource.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CISA-ADPADP
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
imaginationtechddk
25.1
imaginationtechddk
25.1:rtm2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.imaginationtech.com/gpu-driver-vulnerabilities/