CVE-2026-24228

Published: Jun 16, 2026Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: psirt@nvidia.com (Secondary)

Description

NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure.

Affected (1)

Products: Nvidia: Nemo

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Nvidia Nemo	Before 2.7.3

Related CWEs

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-24228

Source: psirt@nvidia.com

US Government Resource

https://nvidia.custhelp.com/app/answers/detail/a_id/5839

Source: psirt@nvidia.com

Vendor Advisory

https://www.cve.org/CVERecord?id=CVE-2026-24228

Source: psirt@nvidia.com

Third Party Advisory

Timeline

No history available yet.