CVE-2026-24162
Improper Deserialization in NVIDIA Transformers4Rec for Linux
Publication date: 2026-05-26
Last updated on: 2026-05-26
Assigner: NVIDIA Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | transformers4rec | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-24162 is a vulnerability in NVIDIA Transformers4Rec for Linux that involves improper deserialization of untrusted data.
If exploited successfully, this vulnerability could allow an attacker to execute arbitrary code, tamper with data, and disclose sensitive information.
How can this vulnerability impact me? :
A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure.
- Execution of arbitrary code could allow attackers to take control of affected systems.
- Data tampering could compromise the integrity of your data.
- Information disclosure could expose sensitive or confidential information.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability in NVIDIA Transformers4Rec for Linux involves improper deserialization of untrusted data, which can lead to code execution, data tampering, and information disclosure.
Such impactsβespecially data tampering and information disclosureβcould potentially affect compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and maintaining data integrity and confidentiality.
However, the provided information does not explicitly describe the direct effects on compliance with these standards.