Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Local deserialization of shared artifacts needs an existing low-privilege foothold (AV:L, PR:L), triggers with no victim interaction (UI:N), and yields full code execution (C/I/A:H).
Primary rating from Vendor (nvidia).
CVSS VectorVendor: nvidia
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
Articles & Coverage 1
AnalysisAI
Local code execution and privilege escalation in NVIDIA Megatron Bridge (Linux) stems from unsafe handling of dynamically managed code resources, rooted in an insecure deserialization flaw (CWE-502). A low-privileged local user who can influence the data or model artifacts Megatron Bridge loads can achieve arbitrary code execution, escalate privileges, tamper with data, and disclose information. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires local access with at least low-level privileges (PR:L) on a Linux host running NVIDIA Megatron Bridge, plus the ability to supply or influence a serialized artifact - a model checkpoint, saved model/optimizer state, or configuration object - that Megatron Bridge subsequently deserializes (the CWE-502 trigger). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, score 7.8 High) describes a local, low-complexity attack requiring low privileges and no user interaction, with high impact to confidentiality, integrity, and availability but no scope change. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | In a shared ML training cluster, a low-privileged user uploads a maliciously crafted model checkpoint or configuration file to a directory consumed by Megatron Bridge. When another user or a higher-privileged automated job loads that artifact, the embedded serialized payload is deserialized and executes attacker-controlled code in the victim's context, yielding privilege escalation and data access. … |
| Remediation | Consult the NVIDIA product-security advisory at https://github.com/NVIDIA/product-security/tree/main/2026/5841 for the fixed release and upgrade Megatron Bridge to the vendor-patched version once identified; no exact fix version is provided in the input data, so treat 'Patch available per vendor advisory' as the status and verify the version directly from NVIDIA's advisory rather than assuming a number. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Audit production deployments of NVIDIA Megatron Bridge; document all model artifact sources and their vetting procedures. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Megatron Bridge
View allArbitrary code execution in NVIDIA Megatron Bridge for Linux stems from improper control of code generation (CWE-94), al
Arbitrary code execution in NVIDIA Megatron Bridge (all versions per the NVIDIA advisory) arises from unsafe deserializa
Insecure deserialization in NVIDIA Megatron Bridge for Linux (CWE-502) lets an attacker who supplies a crafted serialize
Arbitrary code execution in NVIDIA Megatron Bridge on Linux arises from unsafe reflection (CWE-470), where externally-co
Deserialization of untrusted data in NVIDIA Megatron Bridge for Linux (CWE-502) can lead to arbitrary code execution, pr
Deserialization of untrusted data in NVIDIA Megatron Bridge for Linux allows a low-privileged local attacker to achieve
Local privilege escalation and code execution in NVIDIA Megatron Bridge for Linux stems from unsafe deserialization of a
Arbitrary code execution in NVIDIA Megatron Bridge for Linux arises from unsafe deserialization of untrusted data (CWE-5
Arbitrary code execution and privilege escalation in NVIDIA Megatron Bridge on Linux arises from unsafe deserialization
Server-side request forgery in NVIDIA Megatron Bridge for Linux allows an attacker to coerce the software into issuing a
NVIDIA Megatron Bridge contains a vulnerability in a data shuffling tutorial, where malicious input could cause a code i
NVIDIA Megatron Bridge contains a vulnerability in a data merging tutorial, where malicious input could cause a code inj
Same weakness CWE-502 – Deserialization of Untrusted Data
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41020
GHSA-5h5c-69mg-qp94