Skip to main content

NVIDIA NVFlare Dashboard EUVDEUVD-2026-26075

| CVE-2026-24178 CRITICAL
Authorization Bypass Through User-Controlled Key (CWE-639)
2026-04-28 nvidia GHSA-jqp3-qrgh-4846
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Re-analysis Queued
Apr 28, 2026 - 20:23 vuln.today
cvss_changed
Analysis Generated
Apr 28, 2026 - 20:01 vuln.today
EUVD ID Assigned
Apr 28, 2026 - 19:30 euvd
EUVD-2026-26075
Analysis Generated
Apr 28, 2026 - 19:30 vuln.today
CVE Published
Apr 28, 2026 - 17:44 nvd
CRITICAL 9.8

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 1 pypi packages depend on nvflare (1 direct, 0 indirect)

Ecosystem-wide dependent count for version 2.7.2.

DescriptionCVE.org

NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information disclosure, code execution, and denial of service.

AnalysisAI

Authentication bypass in NVIDIA NVFlare Dashboard allows remote unauthenticated attackers to escalate privileges through user-controlled key manipulation in the authentication system. The vulnerability affects the NVIDIA Flare SDK and enables complete system compromise including arbitrary code execution, data tampering, information disclosure, and denial of service. With a CVSS score of 9.8 (critical severity) and maximum exploitability metrics (AV:N/AC:L/PR:N/UI:N), this represents a severe security flaw requiring immediate remediation, though no active exploitation (KEV) or public exploit code has been identified at time of analysis.

Technical ContextAI

NVIDIA NVFlare (NVIDIA Federated Learning Application Runtime Environment) is a framework for secure federated learning across distributed systems. The Dashboard component provides user management and authentication services for this distributed ML platform. This vulnerability exploits CWE-639 (Authorization Bypass Through User-Controlled Key), where the authentication system improperly trusts user-supplied input to make authorization decisions. The flaw allows attackers to manipulate authentication keys or tokens to bypass the entire authentication mechanism. The affected product is identified by CPE cpe:2.3:a:nvidia:flare_sdk, indicating the core Flare SDK package contains the vulnerable Dashboard component. This class of vulnerability typically involves cryptographic weaknesses, session token manipulation, or flawed role-based access control implementations where user-supplied data directly influences authorization without proper validation.

RemediationAI

Apply the security update specified in NVIDIA Security Bulletin 5819 available at https://nvidia.custhelp.com/app/answers/detail/a_id/5819, which contains the patched version details and upgrade instructions. Until patching is complete, implement network segmentation to restrict Dashboard access to trusted internal networks only, enforcing IP allowlisting at firewall or reverse proxy layers to prevent unauthorized network access. Deploy multi-factor authentication mechanisms external to the Dashboard (such as VPN with MFA or zero-trust network access) as a defense-in-depth layer, though this does not eliminate the underlying vulnerability. Disable the Dashboard interface entirely if not actively required for operations, managing NVFlare deployments through command-line tools or API access with separate authentication controls. Monitor authentication logs for anomalous access patterns, failed login attempts from unexpected sources, or privilege escalation events. Note that network restrictions trade operational flexibility for security and may complicate legitimate remote administration workflows.

More in Nvidia

View all
CVE-2016-1741 CRITICAL POC
9.8 Mar 24

The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary c

CVE-2013-0109 HIGH POC
7.2 Apr 08

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not

CVE-2019-5684 CRITICAL POC
10.0 Aug 06

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially craft

CVE-2026-24207 CRITICAL POC
9.8 May 20

Authentication bypass in NVIDIA Triton Inference Server allows unauthenticated remote attackers to reach protected funct

CVE-2019-5685 CRITICAL POC
9.8 Aug 06

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially craft

CVE-2025-23359 HIGH POC
8.3 Feb 12

NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default co

CVE-2016-8812 HIGH POC
8.8 Nov 08

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before G

CVE-2016-1861 HIGH POC
7.8 Jun 19

The NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privi

CVE-2024-0132 HIGH POC
8.3 Sep 26

NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with de

CVE-2016-1846 HIGH POC
7.8 May 20

The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows a

CVE-2015-7865 HIGH POC
7.7 Nov 24

nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before

CVE-2016-8811 HIGH POC
7.8 Nov 08

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 3

Share

EUVD-2026-26075 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy