CVE-2026-24156

| EUVD-2026-19753 HIGH
2026-04-07 nvidia
7.3
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Apr 07, 2026 - 18:00 euvd
EUVD-2026-19753
Analysis Generated
Apr 07, 2026 - 18:00 vuln.today
CVE Published
Apr 07, 2026 - 17:11 nvd
HIGH 7.3

Tags

Nvidia RCE Deserialization

Description

NVIDIA DALI contains a vulnerability where an attacker could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to arbitrary code execution.

Analysis

Arbitrary code execution in NVIDIA DALI (all versions prior to 2.0) allows local authenticated attackers with low privileges to execute malicious code by exploiting insecure deserialization of untrusted data, requiring user interaction. EPSS exploitation probability and KEV status data not available; no public exploit identified at time of analysis. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Audit all systems running NVIDIA DALI versions prior to 2.0; identify which contain sensitive data or critical ML pipelines and document current version inventory. Within 7 days: Restrict DALI system access to trusted users only; disable or isolate DALI instances processing sensitive data until patched; contact NVIDIA for patch availability timeline and workaround guidance. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

37
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +36
POC: 0

Share

CVE-2026-24156 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy