Skip to main content

Tensorrt Llm CVE-2026-24220

| EUVDEUVD-2026-44462 MEDIUM
Deserialization of Untrusted Data (CWE-502)
2026-07-14 nvidia GHSA-6f54-qhg5-fhhf
6.4
CVSS 3.1 · Vendor: nvidia
Share

Severity by source

Vendor (nvidia) PRIMARY
6.4 MEDIUM
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (nvidia) · only source for this CVE.

CVSS VectorVendor: nvidia

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

DescriptionCVE.org

NVIDIA TensorRT-LLM for any platform contains a vulnerability in visual gen server, where an attacker could cause an unsafe deserialization by unauthorized zeroMQ deserialization. A successful exploit of this vulnerability might lead to code execution.

Analysis

NVIDIA TensorRT-LLM for any platform contains a vulnerability in visual gen server, where an attacker could cause an unsafe deserialization by unauthorized zeroMQ deserialization. A successful exploit of this vulnerability might lead to code execution.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-24233 HIGH
8.4 Jul 14

Insecure deserialization in NVIDIA TensorRT-LLM for Linux lets a local, low-privileged attacker abuse a weakness in the

CVE-2026-47472 HIGH
7.8 Jul 14

Local privilege-context deserialization in NVIDIA TensorRT-LLM lets an attacker who already has same-user access to a ho

CVE-2026-47471 HIGH
7.5 Jul 14

Heap-based buffer overflow in NVIDIA TensorRT-LLM's tensor deserialization path lets an adjacent, unauthenticated attack

CVE-2026-47473 HIGH
7.4 Jul 14

Memory corruption in NVIDIA TensorRT-LLM allows an attacker with local access to trigger a write-what-where primitive (C

CVE-2026-24229 HIGH
7.3 Jul 14

Missing authentication in NVIDIA TensorRT-LLM for Linux lets an attacker reach the disaggregated orchestrator's FastAPI

CVE-2026-24234 MEDIUM
6.8 Jul 14

NVIDIA TensorRT-LLM for Linux contains a vulnerability in the multimodal media fetching functions, where a network-acces

CVE-2026-24259 MEDIUM
6.4 Jul 14

NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause missing authentication for a critic

CVE-2026-24226 MEDIUM
6.3 Jul 14

NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause improper control of code generation

CVE-2026-24271 MEDIUM
6.2 Jul 14

NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API, where an attacker could cause alloc

CVE-2026-47475 MEDIUM
6.2 Jul 14

NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API where an attacker could trigger a re

CVE-2026-47470 MEDIUM
6.2 Jul 14

NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker co

Share

CVE-2026-24220 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy