What is the CVSS score of CVE-2026-24218?

CVE-2026-24218 has a CVSS 3.1 base score of 8.1 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of NVIDIA DGX OS are affected by CVE-2026-24218?

The factory provisioning process for NVIDIA DGX OS (particularly DGX Spark deployments) installs identical SSH host keys across all similarly configured systems, enabling any attacker with knowledge…

How to fix or mitigate CVE-2026-24218?

24 hours: Execute discovery to identify all NVIDIA DGX OS systems in your environment (focusing on DGX Spark deployments), document OS versions and provisioning dates, and verify SSH host key duplication across systems. Review SSH access logs for the past 7 days for anomalous connection attempts. 7 days: Implement network segmentation by moving all DGX systems to isolated VLANs with restrictive firewall rules; enforce SSH key-based authentication only and disable password authentication; deploy host-based intrusion detection on DGX systems; begin coordinated SSH host key rotation with NVIDIA support. 30 days: Contact NVIDIA Security with CVE-2026-24218 reference to request patch timeline; complete SSH host key rotation across all DGX systems; conduct forensic review of SSH authentication logs for evidence of prior compromise; implement continuous monitoring of DGX SSH key changes and network anomalies.

NVIDIA DGX OS CVE-2026-24218

EUVD-2026-31142 HIGH

Use of Hard-coded Cryptographic Key (CWE-321)

2026-05-20 nvidia

GHSA-849r-hj58-p84g

RCE Denial Of Service Information Disclosure Nvidia

8.1

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 20, 2026 - 20:02 vuln.today

DescriptionNVD

NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or attacker-in-the-middle attacks. A successful exploit of this vulnerability might lead to code execution, data tampering, escalation of privileges, information disclosure, and denial of service.

AnalysisAI

Host impersonation and machine-in-the-middle attacks against NVIDIA DGX OS systems are possible because the factory provisioning process clones a base image that ships identical SSH host keys onto every similarly provisioned system, primarily affecting DGX Spark deployments. With a CVSS of 8.1 and a CWE-321 (Use of Hard-Coded Cryptographic Key) root cause, an unauthenticated network attacker who possesses the shared key material from any one device can impersonate peers, potentially leading to code execution, data tampering, privilege escalation, information disclosure, or denial of service. …

RemediationAI

24 hours: Execute discovery to identify all NVIDIA DGX OS systems in your environment (focusing on DGX Spark deployments), document OS versions and provisioning dates, and verify SSH host key duplication across systems. Review SSH access logs for the past 7 days for anomalous connection attempts. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory