Skip to main content
ZDI-CAN-28090 HIGH 7.8 Overdue Feb 05, 2026

NVIDIA

NVIDIA is a major technology company known for graphics processors, AI chips, and data center hardware. This high-severity vulnerability (CVSS 7.8) requires local access and user interaction to exploit, but causes significant damage across confidentiality, integrity, and availability once compromised—no authentication is needed. Security teams should monitor for exploitation attempts targeting NVIDIA driver and software updates, as this vulnerability could be leveraged in supply chain attacks or targeted campaigns against organizations relying on NVIDIA hardware.

Advisory Details
Researcher Michael DePlante (@izobashi) of TrendAI Zero Day Initiative
Reported February 05, 2026
Deadline June 05, 2026 42d overdue
CVSS Vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy