PatchSiren cyber security CVE debrief
CVE-2026-34194 Imagination Technologies CVE debrief
CVE-2026-34194 is a HIGH severity vulnerability with a CVSS score of 7.1. The vulnerability occurs when software installed and run as a non-privileged user conducts improper GPU system calls, causing mismanagement of a mapping state maintained for a sparse memory allocation. This happens because the product accidentally refers to the wrong memory due to the semantics of how math operations are implicitly scaled across buffers of different sizes.
- Vendor
- Imagination Technologies
- Product
- Graphics DDK
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-08
- Original CVE updated
- 2026-06-09
- Advisory published
- 2026-06-08
- Advisory updated
- 2026-06-09
Who should care
Users of GPU drivers from Imagination Technologies should be aware of this vulnerability. The vendor is listed as Unknown Vendor, but evidence suggests the vulnerability may be related to Imaginationtech.
Technical summary
The vulnerability has a CVSS vector of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H. It is classified under CWE-468.
Defensive priority
HIGH
Recommended defensive actions
- Apply patches or updates from the vendor once available.
- Review and update GPU driver software to ensure it is from a trusted source.
- Consider implementing additional security measures for non-privileged user accounts.
Evidence notes
The CVE record was published on 2026-06-08T16:16:38.250Z and modified on 2026-06-09T13:57:49.980Z. The vendor is listed as Unknown Vendor, but evidence suggests Imaginationtech may be related.
Official resources
-
CVE-2026-34194 CVE record
CVE.org
-
CVE-2026-34194 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
367425dc-4d06-4041-9650-c2dc6aaa27ce
CVE-2026-34194 was published on 2026-06-08T16:16:38.250Z and modified on 2026-06-09T13:57:49.980Z.