nvidia

867 tracked vulnerabilities.

CVE-2026-24218 HIGH
NVIDIA DGX Spark < OTA0 - Use of Hard-coded Cryptographic Key in Factory Provisioning Process
May 20, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-24217 HIGH
NVIDIA BioNeMo Framework < commit dfd83a7 on main - Path Traversal via Malicious File Loading
May 20, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-24216 HIGH
NVIDIA BioNeMo Framework < commit dfd83a7 in Main - Deserialization of Untrusted Data
May 20, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-24188 HIGH
NVIDIA TensorRT < v10.16.1 - Out-of-bounds Write
May 20, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-24215 MEDIUM
NVIDIA Triton Inference Server < 26.03 - Uncontrolled Resource Consumption in DALI Backend
May 20, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-24214 HIGH
NVIDIA Triton Inference Server < 26.03 - Integer Overflow in DALI Backend
May 20, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-24213 HIGH
NVIDIA Triton Inference Server < 26.03 - Out-of-bounds Read in DALI Backend
May 20, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-24210 HIGH
NVIDIA Triton Inference Server < 26.03 - Denial of Service via Integer Overflow
May 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-24209 HIGH
Nvidia Triton Inference Server < r26.03 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
May 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-24208 MEDIUM
Nvidia Triton Inference Server < r26.03 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
May 20, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-24207 CRITICAL
Nvidia Triton Inference Server - Authentication Bypass Using an Alternate Path or Channel
May 20, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-24206 HIGH
Nvidia Triton Inference Server < r26.03 - Authentication Bypass Using an Alternate Path or Channel
May 20, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-24163 HIGH
NVIDIA TensorRT-LLM < 1.2 - Remote Code Execution via Unsafe RPC Deserialization
May 20, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-24160 MEDIUM
NVIDIA TensorRT-LLM < 1.2 - Denial of Service via Unchecked Return Value
May 20, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-24142 MEDIUM
NVIDIA TensorRT-LLM < 1.2 - Remote Code Execution via Unsafe Deserialization
May 20, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-24231 MEDIUM
NVIDIA NemoClaw < 0.0.13 - Server-Side Request Forgery via validateEndpointUrl() Bypass
Apr 28, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-24222 HIGH
NVIDIA NeMoClaw < 0.0.18 - Exposure of Sensitive System Information via Sandbox Environment Initialization
Apr 28, 2026
CVSS 8.6
EPSS 0.00
CVE-2026-24204 MEDIUM
NVIDIA FLARE SDK < 2.7.2 - Path Traversal and Information Disclosure
Apr 28, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-24186 HIGH
NVIDIA FLARE SDK <2.7.2 - Deserialization
Apr 28, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-24178 CRITICAL
NVIDIA FLARE SDK < 2.7.2 - Unauthenticated Authorization Bypass via User-Controlled Key
Apr 28, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-24189 HIGH
NVIDIA CUDA-Q < 0.14.0 - Unauthenticated Out-of-Bounds Read via Maliciously Crafted Request
Apr 21, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-24177 HIGH
NVIDIA KAI Scheduler < 0.13.0 - Unauthenticated Information Disclosure via API Endpoints
Apr 21, 2026
CVSS 7.7
EPSS 0.00
CVE-2026-24176 MEDIUM
NVIDIA KAI Scheduler <0.13.0 - Auth Bypass
Apr 21, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-24175 HIGH
NVIDIA Triton Inference Server < 26.02 - Denial of Service via Malformed Request Header
Apr 07, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-24174 HIGH
NVIDIA Triton Inference Server < 26.02 - Denial of Service via Malformed Request
Apr 07, 2026
CVSS 7.5
EPSS 0.00
Products
gpu_driver 127 virtual_gpu 98 gpu_display_driver 69 jetson_linux 49 triton_inference_server 49 cuda_toolkit 46 virtual_gpu_manager 39 cloud_gaming 37 geforce_experience 37 nemo 31 dgx_a100_firmware 28 shield_experience 17 Triton Inference Server 16 dgx_h100_firmware 15 dgx_os 14 bmc 13 megatron-lm 13 GPU Display Drivers 12 jetson_tx1 11 jetson_tx2 11 cloud_gaming_guest 10 GeForce 8 NVIDIA RTX, Quadro, NVS 8 Tesla 8 geforce_gtx_950 8 geforce_gtx_960 8 geforce_gtx_970 8 geforce_gtx_980 8 geforce_gtx_titan_x 8 jetson_nano 8
Quick Filters
Critical CVEs With Exploits In CISA KEV