CVE-2026-24160
Null Pointer Dereference in NVIDIA TRT-LLM
Publication date: 2026-05-20
Last updated on: 2026-05-20
Assigner: NVIDIA Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | trt-llm | to 2.0|start_including=4.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-690 | The product does not check for an error after calling a function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in NVIDIA TRT-LLM on any platform, where an attacker can cause an unchecked return value to lead to a null pointer dereference.
A null pointer dereference occurs when the software attempts to use a pointer that has a null value, which can cause the program to crash or behave unexpectedly.
Exploiting this vulnerability might result in a denial of service condition, meaning the affected software could stop functioning properly.
How can this vulnerability impact me? :
If exploited, this vulnerability can cause a denial of service (DoS) in the NVIDIA TRT-LLM software.
A denial of service means that the software or system may crash or become unavailable, potentially disrupting operations that rely on it.
Since the vulnerability does not affect confidentiality or integrity, the primary impact is availability loss.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
There is no information provided in the available context or resources about how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.