EUVD-2026-31144
GHSA-3wq4-xjpf-pj4j
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
AnalysisAI
Path traversal in NVIDIA BioNeMo Core for Linux allows remote attackers to escape intended directory boundaries when a user is induced to load a malicious file, enabling code execution, information disclosure, data tampering, or denial of service. The flaw carries a high CVSS score of 8.8 driven by network reachability and full CIA impact, though exploitation requires user interaction; no public exploit identified at time of analysis.
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
24 hours: Inventory all systems running NVIDIA BioNeMo Core; classify by production criticality and data sensitivity. 7 days: Implement strict file input validation and restrict file sources to trusted channels only; isolate affected systems from untrusted networks where feasible. …
Sign in for detailed remediation steps.
More from same product – last 7 days
Share
External POC / Exploit Code
Leaving vuln.today