CVE-2026-41157
Published Jun 12, 2026
Last updated 15 hours ago
- Description
- A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space driver, leading to memory corruption and possible browser/GPU process crash. The software computes a required memory size from untrusted input, but integer overflow can produce a value smaller than needed. Subsequent write operations may then occur past the intended memory boundary, corrupting adjacent memory and causing process instability or termination.
- Source
- 367425dc-4d06-4041-9650-c2dc6aaa27ce
- NVD status
- Received
- 367425dc-4d06-4041-9650-c2dc6aaa27ce
- CWE-787
- Hype score
- Not currently trending