In order to fix several high-severity vulnerabilities in its GPU Display Driver software, vGPU platform, and HD Audio drivers, NVIDIA has released critical security updates This article explores severity vulnerabilities gpu. . The bulletin, which was updated on January 27, 2026, lists five different CVEs that impact millions of systems globally. The attack vectors include kernel-mode code execution and local privilege escalation. With a CVSS base score of 7.8 (High severity), the GPU Display Driver for Windows and Linux contains the majority of the most serious vulnerabilities. While CVE-2025-33218 and CVE-2025-33219 take advantage of integer overflow vulnerabilities in the kernel mode layer and NVIDIA kernel module, respectively, CVE-2025-33217 and CVE-2025-33220 take advantage of use-after-free conditions in kernel memory. These flaws could give authorized local attackers the ability to execute arbitrary code, increase privileges to system-level access, alter data, or create denial-of-service situations without requiring user input. CVE-2025-33217 GPU Display Driver Windows Use-After-Free 7.8 High CWE-416 Code execution, privilege escalation, data tampering, DoS, and information disclosure CVE-2025-33218 GPU Display Driver Windows Integer Overflow (nvlddmkm.sys) CVE-2025-33219 GPU Display Driver Linux Integer Overflow/Wraparound 7.8 High CWE-190 Code execution, privilege escalation, data tampering, DoS, information disclosure CVE-2025-33220 vGPU Software Virtualized Heap Use-After-Free 7.8 High CWE-416 Code execution, privilege escalation, data tampering, DoS, information disclosure CVE-2025-33237 HD Audio Driver Windows NULL Pointer Dereference 5.5 Medium CWE-476 (from all previous versions) prior versions) Linux Display Driver R590: 590.48.01 (from all prior versions) R580: 580.126.09 (from all prior versions) R570: 570.211.01 (from all prior versions) R535: 535.288.01 (from all prior versions)