CVE-2026-24163
NVIDIA TRT-LLM RPC Unsafe Deserialization Flaw
Publication date: 2026-05-20
Last updated on: 2026-05-20
Assigner: NVIDIA Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nvidia | trt-llm | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-24163 is a vulnerability in NVIDIA TRT-LLM affecting all platforms, specifically related to RPC testing.
The vulnerability involves unsafe deserialization, which means that an attacker could exploit the system by sending maliciously crafted data that is deserialized in an unsafe manner.
Successful exploitation of this vulnerability could lead to serious consequences such as code execution, denial of service, data tampering, and information disclosure.
How can this vulnerability impact me? :
If exploited, this vulnerability can have multiple severe impacts including:
- Code execution - allowing an attacker to run arbitrary code on the affected system.
- Denial of service - causing the system or application to become unavailable.
- Data tampering - unauthorized modification of data.
- Information disclosure - unauthorized access to sensitive information.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.