HIGH
Mesa3d
CVE published 2026-04-12
CVE-2026-40393
CVE-2026-40393 is a HIGH severity vulnerability in Mesa's WebGPU implementation. An out-of-bounds memory access can occur because the amount of to-be-allocated data depends on an untrusted party. This issue affects Mesa versions before 25.3.6 and 26 before 26.0.1. The vulnerability arises from the WebGPU implementation in Mesa, where the allocation of data depends on an untrusted party. This can lead to o [truncated]