Aggregates CVE and security vulnerability intelligence across all NVIDIA-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk buffer overflow and vendor risk memory corruption and related problems; some flaws may lead to vendor impact memory corruption, affecting vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-24216 | NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | [email protected] | 7.8 | 0.29% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24188 | NVIDIA TensorRT contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to data tampering. | [email protected] | 8.2 | 0.38% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24215 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 5.7 | 0.41% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24214 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, or denial of service. | [email protected] | 8.0 | 0.72% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24213 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or information disclosure. | [email protected] | 8.0 | 0.72% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24210 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 7.5 | 0.60% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24209 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 7.5 | 0.65% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24208 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 5.3 | 0.65% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24207 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. | [email protected] | 9.8 | 0.83% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24206 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denial of service, or information disclosure. | [email protected] | 7.3 | 0.55% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24163 | NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure. | [email protected] | 7.5 | 0.59% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24160 | NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 5.5 | 0.47% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24142 | NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure. | [email protected] | 6.3 | 0.38% | 2026-05-20 | 2026-06-17 |
| CVE-2025-33255 | NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure. | [email protected] | 7.5 | 0.57% | 2026-05-20 | 2026-06-17 |
| CVE-2026-24231 | NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful exploit of this vulnerability may lead to information disclosure. | [email protected] | 6.3 | 0.13% | 2026-04-28 | 2026-06-17 |
| CVE-2026-24222 | NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandbox creation. A successful exploit of this vulnerability might lead to information disclosure. | [email protected] | 8.6 | 0.40% | 2026-04-28 | 2026-06-17 |
| CVE-2026-24204 | NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure. | [email protected] | 6.5 | 0.36% | 2026-04-28 | 2026-06-17 |
| CVE-2026-24186 | NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution. | [email protected] | 8.8 | 0.47% | 2026-04-28 | 2026-06-17 |
| CVE-2026-24178 | NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information disclosure, code execution, and denial of service. | [email protected] | 9.8 | 0.57% | 2026-04-28 | 2026-06-17 |
| CVE-2026-24175 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request header to the server. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 7.5 | 0.47% | 2026-04-07 | 2026-06-17 |