NVIDIA

NVIDIA, a major manufacturer of graphics processors and AI computing hardware, has a high-severity local vulnerability (CVSS 7.8) that requires user interaction but no authentication to exploit, potentially allowing attackers with local access to compromise confidentiality, integrity, and availability of affected systems. The vulnerability is particularly concerning because it can be triggered through user interaction on a local machine without requiring special privileges. Security teams should prioritize patching once NVIDIA releases fixes by the April 30, 2026 deadline and monitor systems for unusual local activity or privilege escalation attempts targeting NVIDIA software or drivers.