Mesa 26.0.1 is now available as the first point release of this quarter's [1]Mesa 26.0 series. Besides the usual bug fixing, Mesa 26.0.1 is more pressing than usual since it contains a security fix for possible out-of-bounds memory access in WebGPU contexts from web browsers.

Eric Engestrom wrote in today's [2]Mesa 26.0.1 announcement :

"This release and 25.3.6 (already out) contain a security fix preventing out-of-bounds memory access in WebGPU. They should be deployed to users as quickly as possible."

Mesa 26.0.1 fixes in today's update include:

- A security fix preventing out-of-bounds memory access in WebGPU, which is rather pressing due to the WebGPU exposure in modern web browsers.

- Various KosmicKrisp fixes for Vulkan atop Apple's Metal API.

- Lavapipe now enables DMA-BUF import support for planar DRM formats.

- The RADV driver has fixed potential corruption after FMASK decompression for old AMD GFX6 through GFX8 GPUs.

- Various other smaller RADV driver fixes, including for potential GPU hangs.

- The Intel ANV Vulkan driver now limiting its disabling of Vulkan modifiers just to specific, affected GTK versions rather than all GTK releases.

- Various other Intel ANV driver fixes, such as wrong shadows and flickering grass in Genshin Impact along with other Intel Linux gaming regressions.



[1] https://www.phoronix.com/search/Mesa+26.0

[2] https://lists.freedesktop.org/archives/mesa-dev/2026-February/226597.html