What is the CVSS score of EUVD-2026-31854?

EUVD-2026-31854 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of NVIDIA Transformers4Rec are affected by EUVD-2026-31854?

NVIDIA Merlin Transformers4Rec contains a high-severity insecure deserialization vulnerability enabling code execution when a local attacker tricks a user into loading a malicious serialized object.

How to fix or mitigate EUVD-2026-31854?

24 hours: Identify all systems running NVIDIA Merlin Transformers4Rec (vulnerable: commits prior to March 11, 2026) and restrict local access via file permissions and login controls. 7 days: Implement monitoring for suspicious deserialization activity; restrict user ability to load untrusted serialized objects; isolate affected systems from production data networks if feasible. 30 days: Monitor NVIDIA's official releases for patched version (main branch contains fix post-March 11, 2026; await official release). Deploy immediately upon availability.

NVIDIA Transformers4Rec EUVD-2026-31854

| CVE-2026-24162 HIGH

Deserialization of Untrusted Data (CWE-502)

2026-05-26 nvidia

GHSA-xh7m-p996-h2f6

Information Disclosure Nvidia Deserialization RCE Merlin Transformers4Rec

7.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.8 HIGH

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Jun 08, 2026 - 10:16 vuln.today

CVE Published

May 26, 2026 - 16:12 nvd

HIGH 7.8

DescriptionCVE.org

NVIDIA Transformers4Rec for Linux contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure.

AnalysisAI

Insecure deserialization in NVIDIA Merlin Transformers4Rec on Linux allows a local attacker to achieve code execution, data tampering, and information disclosure by tricking a user into loading a malicious serialized object. The flaw affects all Main-branch commits prior to March 11, 2026, and currently has no public exploit identified at time of analysis, with a very low EPSS score (0.02%) reflecting limited real-world activity. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Craft malicious serialized model artifact

Delivery

Publish to model hub or share with target

Exploit

Victim loads artifact via Transformers4Rec

Execution

Trigger deserialization gadget chain

Persist

Execute code as ML user

Impact

Exfiltrate credentials and tamper with models

Access

Craft malicious serialized model artifact

Delivery

Publish to model hub or share with target

Exploit

Victim loads artifact via Transformers4Rec

Execution

Trigger deserialization gadget chain

Persist

Execute code as ML user

Impact

Exfiltrate credentials and tamper with models

Vulnerability AssessmentAI

Exploitation	Exploitation requires a victim with Transformers4Rec installed to deserialize an attacker-supplied artifact - typically a model checkpoint, tokenizer state, or dataset file loaded through the library's standard load paths - which matches the CVSS UI:R (user interaction required) and AV:L (local) values. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	Signals are mixed but coherent once interpreted correctly: CVSS 7.8 looks severe, but the vector AV:L/AC:L/PR:N/UI:R confirms this is a LOCAL attack requiring user interaction - almost certainly a victim loading a malicious model file - not a remotely reachable RCE. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker publishes a malicious pre-trained recommendation model or session-data artifact to a public hub, model zoo, or shared internal bucket, then a data scientist on a Linux workstation or training node loads it through Transformers4Rec's standard API. Deserialization executes the attacker's embedded payload under the user's account, granting code execution that can exfiltrate cloud credentials from the environment, tamper with downstream model weights, or pivot inside the MLOps cluster. …
Remediation	Upstream fix available (commit on Main dated March 11, 2026); released patched version not independently confirmed in the supplied data, so consult NVIDIA advisory 5838 at https://nvidia.custhelp.com/app/answers/detail/a_id/5838 for the exact tagged release and update Transformers4Rec to that build. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Identify all systems running NVIDIA Merlin Transformers4Rec (vulnerable: commits prior to March 11, 2026) and restrict local access via file permissions and login controls. …

Threat intelligence, references, and detailed analysis are available after sign-in.

EUVD-2026-31854 vulnerability details – vuln.today

Back

NVIDIA Transformers4Rec EUVD-2026-31854

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code