Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Local artifact must be loaded by a victim, so AV:L and UI:R; attacker needs no privileges (PR:N), and pickle-style deserialization yields full C/I/A code execution.
Primary rating from Vendor (nvidia).
CVSS VectorVendor: nvidia
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
Articles & Coverage 1
AnalysisAI
Insecure deserialization in NVIDIA Megatron Bridge for Linux (CWE-502) lets an attacker who supplies a crafted serialized object achieve code execution, privilege escalation, data tampering, and information disclosure when a local user loads that data. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R) shows the attack is local and hinges on the victim opening attacker-controlled content, with no public exploit identified at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the victim to load attacker-controlled serialized data (a malicious model checkpoint, configuration, or cached state file) into NVIDIA Megatron Bridge - this is the concrete prerequisite implied by CWE-502 combined with the UI:R metric. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Signals are moderate and internally consistent: the CVSS base score is 7.8 (High), driven by high confidentiality, integrity, and availability impact, but the attack vector is Local (AV:L) and requires user interaction (UI:R), meaning an attacker cannot exploit this remotely or automatically - a local user must load the malicious serialized data. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker publishes or shares a malicious Megatron Bridge model checkpoint or config file (for example on a public model hub or via a shared training bucket) embedding a crafted serialized payload. A data scientist downloads it and loads it with Megatron Bridge on their Linux workstation or training node, and the deserialization routine executes the attacker's code in the victim's context, enabling privilege escalation, data theft, or tampering. … |
| Remediation | Consult NVIDIA's advisory at https://github.com/NVIDIA/product-security/tree/main/2026/5841 and upgrade to the vendor-designated fixed release; a specific patched version number is not present in the provided data, so no vendor-released patch version is independently confirmed at time of analysis - verify the exact fix version directly from that advisory before deploying. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all systems running NVIDIA Megatron Bridge and map data access patterns; assess which teams handle external or untrusted serialized data objects. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Megatron Bridge
View allArbitrary code execution in NVIDIA Megatron Bridge for Linux stems from improper control of code generation (CWE-94), al
Arbitrary code execution in NVIDIA Megatron Bridge (all versions per the NVIDIA advisory) arises from unsafe deserializa
Arbitrary code execution in NVIDIA Megatron Bridge on Linux arises from unsafe reflection (CWE-470), where externally-co
Deserialization of untrusted data in NVIDIA Megatron Bridge for Linux (CWE-502) can lead to arbitrary code execution, pr
Deserialization of untrusted data in NVIDIA Megatron Bridge for Linux allows a low-privileged local attacker to achieve
Local code execution and privilege escalation in NVIDIA Megatron Bridge (Linux) stems from unsafe handling of dynamicall
Local privilege escalation and code execution in NVIDIA Megatron Bridge for Linux stems from unsafe deserialization of a
Arbitrary code execution in NVIDIA Megatron Bridge for Linux arises from unsafe deserialization of untrusted data (CWE-5
Arbitrary code execution and privilege escalation in NVIDIA Megatron Bridge on Linux arises from unsafe deserialization
Server-side request forgery in NVIDIA Megatron Bridge for Linux allows an attacker to coerce the software into issuing a
NVIDIA Megatron Bridge contains a vulnerability in a data shuffling tutorial, where malicious input could cause a code i
NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code inj
Same weakness CWE-502 – Deserialization of Untrusted Data
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41015
GHSA-wf95-v233-352g