7.8
CVE-2026-24246
- EPSS 0.17%
- Veröffentlicht 01.07.2026 14:56:10
- Zuletzt bearbeitet 02.07.2026 14:56:25
- Quelle psirt@nvidia.com
- CVE-Watchlists
- Unerledigt
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Nvidia ≫ Nemo Megatron Bridge Version < 0.4.1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.065 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@nvidia.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.
https://github.com/NVIDIA/product-security/tree/main/2026/5841
https://nvd.nist.gov/vuln/detail/CVE-2026-24246
https://www.cve.org/CVERecord?id=CVE-2026-24246