16 matches found
CVE-2026-24231
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...
CVE-2026-24222
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...
CVE-2026-24231
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...
CVE-2026-24222
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...
CVE-2026-24231
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...
EUVD-2026-26080
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...
CVE-2026-24231
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...
CVE-2026-24231
NVIDIA NemoClaw is affected by CVE-2026-24231 in the validateEndpointUrl() SSRF protection pathway. A crafted endpoint URL referencing the 0.0.0.0/8 range through a blueprint configuration or CLI flag can trigger a server-side request forgery and may lead to information disclosure. The NVIDIA sec...
CVE-2026-24231
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...
CVE-2026-24222
NVIDIA NemoClaw vulnerability CVE-2026-24222 affects the sandbox environment initialization component. A remote attacker can cause improper access control by sending prompt-injected content, leading to reading/exfiltrating host environment variables not properly restricted during sandbox creation...
EUVD-2026-26079
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...
Security Bulletin: NVIDIA NemoClaw - April 2026
NVIDIA has released a software update for NVIDIA® NemoClaw. To protect your system, clone or update this software to v0.0.18 or later from NVIDIA/NemoClaw on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update...
PT-2026-35757
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful...
PT-2026-35756
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...
NVIDIA NeMoClaw 安全漏洞
NVIDIA NeMoClaw is a large-scale behavior constraint and security control framework developed by NVIDIA Corporation in the United States. NVIDIA NeMoClaw has a security vulnerability. This vulnerability stems from issues with the sandbox environment initialization components. It may allow remote...
NVIDIA NeMoClaw 代码问题漏洞
NVIDIA NemoClaw is a large-scale behavior constraint and security control framework developed by NVIDIA Corporation in the United States. NVIDIA NemoClaw has code vulnerabilities; these vulnerabilities stem from issues with the SSRF protection component of the validateEndpointUrl function...