CVE-2026-24157
CVE-2026-24157
7.8
HighPublished:
Last updated:
Source:psirt@nvidia.com
Analyzed
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Local
- Attack Complexity
- Low
- Privileges Required
- Low
- User Interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.
References
psirt@nvidia.com
https://nvd.nist.gov/vuln/detail/CVE-2026-24157psirt@nvidia.com
https://nvidia.custhelp.com/app/answers/detail/a_id/5800psirt@nvidia.com
https://www.cve.org/CVERecord?id=CVE-2026-24157