Lucene search
K

10700 matches found

Nuclei
Nuclei
added yesterday13 views

Flowise - NVIDIA NIM Endpoints Missing Authentication

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, the NVIDIA NIM router /api/v1/nvidia-nim/ is whitelisted in the global authentication middleware, allowing unauthenticated access to privileged container management and token generati...

9.8CVSS5.9AI score0.3625EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added yesterday5 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for NVIDIA for RHEL 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.8CVSS7AI score0.00129EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 5 days ago4 views

NVIDIA Container Toolkit < 1.19.1 TOCTOU Race Condition (June 2026)

The version of NVIDIA Container Toolkit installed on the remote host is prior to 1.19.1. It is, therefore, affected by a vulnerability as referenced in the June 2026 advisory. - NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use...

8.5CVSS6.1AI score0.00489EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 4:16 p.m.11 views

CVE-2026-24270

NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering...

9.8CVSS0.00842EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.8 views

CVE-2026-24246

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00169EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-24260

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering...

8.5CVSS0.00489EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.11 views

CVE-2026-24248

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00175EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-24250

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00155EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-24251

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00155EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.11 views

CVE-2026-24240

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00165EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-24244

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00154EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.11 views

CVE-2026-24245

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00154EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.10 views

CVE-2026-24243

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS0.00175EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.8 views

CVE-2025-23350

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function VF access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device...

9CVSS0.00269EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 4:16 p.m.9 views

CVE-2025-23351

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function VF access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device...

9CVSS0.00269EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/01 3:12 p.m.31 views

CVE-2026-24270

NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering...

9.8CVSS0.00842EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:11 p.m.5 views

CVE-2026-24266

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service...

5.9CVSS5.8AI score0.00717EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/01 3:11 p.m.5 views

CVE-2026-24264

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS5.8AI score0.00774EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/07/01 3:11 p.m.38 views

CVE-2026-24264

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS0.00774EPSS
Exploits0References3
CVE
CVE
added 2026/07/01 3:11 p.m.12 views

CVE-2026-24264

CVE-2026-24264 affects NVIDIA Triton Inference Server for Linux. The security bulletin documents that an attacker can cause improper handling of highly compressed data, with the impact being denial of service . The vulnerability is addressed by updating to Triton Server r26.04 or later . Affected...

7.5CVSS5.8AI score0.00774EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder