CVE-2026-24162
Analyzed Analyzed - Analysis Complete
Improper Deserialization in NVIDIA Transformers4Rec for Linux

Publication date: 2026-05-26

Last updated on: 2026-06-04

Assigner: NVIDIA Corporation

Description
NVIDIA Transformers4Rec for Linux contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-26
Last Modified
2026-06-04
Generated
2026-06-16
AI Q&A
2026-05-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-24162
EUVD
EUVD-2026-31854
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
nvidia transformers4rec to 2026-03-11 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability in NVIDIA Transformers4Rec for Linux involves improper deserialization of untrusted data, which can lead to code execution, data tampering, and information disclosure.

Such impactsβ€”especially data tampering and information disclosureβ€”could potentially affect compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and maintaining data integrity and confidentiality.

However, the provided information does not explicitly describe the direct effects on compliance with these standards.

Executive Summary

CVE-2026-24162 is a vulnerability in NVIDIA Transformers4Rec for Linux that involves improper deserialization of untrusted data.

If exploited successfully, this vulnerability could allow an attacker to execute arbitrary code, tamper with data, and disclose sensitive information.

Impact Analysis

A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure.

  • Execution of arbitrary code could allow attackers to take control of affected systems.
  • Data tampering could compromise the integrity of your data.
  • Information disclosure could expose sensitive or confidential information.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24162. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart