Severity by source
AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Write-what-where reachable only via local process access with memory-shaping needed gives AV:L and AC:H; a controllable arbitrary write yields full C/I/A High impact within an unchanged scope.
Primary rating from Vendor (nvidia).
CVSS VectorVendor: nvidia
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
NVIDIA TensorRT-LLM contains a vulnerability where an attacker could cause a write-what-where condition. A successful exploit of this vulnerability might lead to data tampering, denial of service, and information disclosure.
Articles & Coverage 1
AnalysisAI
Memory corruption in NVIDIA TensorRT-LLM allows an attacker with local access to trigger a write-what-where primitive (CWE-123), enabling arbitrary memory writes that can corrupt data, crash the inference service, or leak sensitive information. The flaw carries a CVSS 7.4 (High) score with a local attack vector and high attack complexity, and affects the TensorRT-LLM library used to build and serve optimized large-language-model inference on NVIDIA GPUs. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires local access to the system or process running NVIDIA TensorRT-LLM (AV:L) - this is not a remote, internet-facing unauthenticated flaw despite PR:N, which here reflects no formal authentication step in the modeled local path. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The signals are mixed and point to a real-but-not-urgent issue. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can supply crafted inputs or artifacts to a locally reachable TensorRT-LLM inference process manipulates a controllable offset/pointer to write an attacker-chosen value to an attacker-chosen memory location. By repeatedly shaping memory (consistent with the AC:H requirement), they corrupt a control structure to leak model or process data, tamper with outputs, or crash the service. … |
| Remediation | No vendor-released patch identified at time of analysis in the provided data - check NVIDIA's official security bulletin for TensorRT-LLM and upgrade to the fixed release once published (the CVE was reported by NVIDIA, so a vendor advisory is expected). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, inventory all production and development systems running NVIDIA TensorRT-LLM and implement OS-level access controls to restrict local login privileges; disable non-critical TensorRT-LLM services and document all active deployments for risk prioritization. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Tensorrt Llm
View allInsecure deserialization in NVIDIA TensorRT-LLM for Linux lets a local, low-privileged attacker abuse a weakness in the
Local privilege-context deserialization in NVIDIA TensorRT-LLM lets an attacker who already has same-user access to a ho
Heap-based buffer overflow in NVIDIA TensorRT-LLM's tensor deserialization path lets an adjacent, unauthenticated attack
Missing authentication in NVIDIA TensorRT-LLM for Linux lets an attacker reach the disaggregated orchestrator's FastAPI
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the multimodal media fetching functions, where a network-acces
NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause missing authentication for a critic
NVIDIA TensorRT-LLM for any platform contains a vulnerability in visual gen server, where an attacker could cause an uns
NVIDIA TensorRT-LLM for Linux contains a vulnerability where an attacker could cause improper control of code generation
NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API, where an attacker could cause alloc
NVIDIA TensorRT-LLM contains a vulnerability in the OpenAI-compatible inference API where an attacker could trigger a re
NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker co
Same weakness CWE-123 – Write-what-where Condition
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44453
GHSA-472c-jr5h-crh5