CVE-2026-24142
Analyzed Analyzed - Analysis Complete
NVIDIA TRT-LLM Deserialization Vulnerability

Publication date: 2026-05-20

Last updated on: 2026-05-21

Assigner: NVIDIA Corporation

Description
NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-20
Last Modified
2026-05-21
Generated
2026-06-09
AI Q&A
2026-05-20
EPSS Evaluated
2026-06-08
NVD
CVE-2026-24142
EUVD
EUVD-2026-31056
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nvidia tensorrt_llm to 1.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in NVIDIA TRT-LLM affects any platform and involves a deserialization flaw and an unsafe serialized handle.

Exploiting this vulnerability could allow an attacker to execute arbitrary code, tamper with data, and disclose sensitive information.

This weakness is categorized under CWE-502, which relates to the deserialization of untrusted data.

Impact Analysis

If exploited, this vulnerability can lead to several serious impacts including:

  • Execution of arbitrary code on the affected system.
  • Tampering with data, which could compromise data integrity.
  • Disclosure of sensitive information, potentially leading to data breaches.
Mitigation Strategies

The vulnerability involves unsafe deserialization in NVIDIA TRT-LLM which could lead to code execution, data tampering, and information disclosure.

To mitigate this vulnerability, it is recommended to follow NVIDIA's official guidance and updates on their support page as referenced by NVIDIA in their advisories.

Compliance Impact

This vulnerability in NVIDIA TRT-LLM could lead to code execution, data tampering, and information disclosure. Such impacts may affect compliance with standards and regulations like GDPR and HIPAA, which require protection of data confidentiality, integrity, and availability.

However, the provided information does not explicitly describe how this vulnerability affects compliance with these specific regulations or standards.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24142. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart