CVE-2026-24228

Published: Giu 16, 2026 Last Modified: Giu 16, 2026
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

NVIDIA NeMo Framework for Linux contains a vulnerability where an attacker may cause deserialization of untrusted data. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, data tampering, and information disclosure.

502

Deserialization of Untrusted Data

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Other
Potential Impacts:
Modify Application Data Unexpected State Dos: Resource Consumption (Cpu) Varies By Context
Applicable Platforms
Languages: Java, Ruby, PHP, Python, JavaScript
Technologies: Not Technology-Specific, ICS/OT, AI/ML
Likelihood of Exploit: Medium
View CWE Details
Application

Nemo by Nvidia

Product Information
Vendor Nvidia
Product Nemo
Version Range Affected
To 2.7.3 (exclusive)
cpe:2.3:a:nvidia:nemo:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://nvd.nist.gov/vuln/detail/CVE-2026-24228
https://nvd.nist.gov/vuln/detail/CVE-2026-24228
https://nvidia.custhelp.com/app/answers/detail/a_id/5839
https://nvidia.custhelp.com/app/answers/detail/a_id/5839
https://www.cve.org/CVERecord?id=CVE-2026-24228
https://www.cve.org/CVERecord?id=CVE-2026-24228