汇总 NVIDIA 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 缓冲区溢出与内存损坏 等问题,部分漏洞可能导致 内存损坏,并影响 软件部署与生产负载 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-24237 | NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure. | [email protected] | 7.8 | 0.07% | 2026-06-02 | 2026-06-04 |
| CVE-2026-24221 | NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering and information disclosure. | [email protected] | 7.8 | 0.07% | 2026-06-02 | 2026-06-04 |
| CVE-2026-24199 | NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 4.7 | 0.01% | 2026-05-26 | 2026-05-27 |
| CVE-2026-24212 | NVIDIA Isaac Launchable for Linux contains a vulnerability where sensitive information is transmitted in clear text. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | [email protected] | 7.5 | 0.00% | 2026-05-26 | 2026-05-27 |
| CVE-2026-24162 | NVIDIA Transformers4Rec for Linux contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure. | [email protected] | 7.8 | 0.02% | 2026-05-26 | 2026-06-04 |
| CVE-2026-24217 | NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | [email protected] | 8.8 | 0.08% | 2026-05-20 | 2026-05-21 |
| CVE-2026-24216 | NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | [email protected] | 7.8 | 0.06% | 2026-05-20 | 2026-05-21 |
| CVE-2026-24215 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 5.7 | 0.03% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24214 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, or denial of service. | [email protected] | 8.0 | 0.04% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24213 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, or information disclosure. | [email protected] | 8.0 | 0.04% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24210 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 7.5 | 0.04% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24209 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 7.5 | 0.06% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24208 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 5.3 | 0.06% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24207 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure. | [email protected] | 9.8 | 0.10% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24206 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead to escalation of privileges, denial of service, or information disclosure. | [email protected] | 7.3 | 0.08% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24163 | NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure. | [email protected] | 7.5 | 0.04% | 2026-05-20 | 2026-05-20 |
| CVE-2026-24160 | NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service. | [email protected] | 5.5 | 0.01% | 2026-05-20 | 2026-05-21 |
| CVE-2026-24142 | NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure. | [email protected] | 6.3 | 0.07% | 2026-05-20 | 2026-05-21 |
| CVE-2025-33255 | NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure. | [email protected] | 7.5 | 0.06% | 2026-05-20 | 2026-05-21 |
| CVE-2026-24231 | NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful exploit of this vulnerability may lead to information disclosure. | [email protected] | 6.3 | 0.01% | 2026-04-28 | 2026-05-04 |