CVE-2026-24188
NVIDIA · TensorRT
NVIDIA TensorRT contains an out-of-bounds write vulnerability that could potentially allow an attacker to execute arbitrary code or cause a system crash.
Executive summary
An out-of-bounds write vulnerability in NVIDIA TensorRT introduces a critical risk of memory corruption and potential arbitrary code execution.
Vulnerability
The vulnerability stems from an out-of-bounds write condition within the TensorRT library. An attacker could exploit this memory corruption issue to overwrite critical memory regions, potentially leading to application instability or unauthorized code execution.
Business impact
The CVSS score of 8.2 classifies this as a high-severity vulnerability with significant security implications. Exploitation could lead to the compromise of GPU-accelerated workloads, potential data exfiltration, or denial-of-service, impacting both operational continuity and system integrity.
Remediation
Immediate Action: Identify all instances of TensorRT in your environment and apply the latest security patches provided by NVIDIA as soon as they become available.
Proactive Monitoring: Review application logs for crashes or abnormal memory usage patterns that may indicate an attempt to trigger the out-of-bounds write condition.
Compensating Controls: Isolate TensorRT-dependent applications within segmented network zones to limit the potential reach of an attacker attempting to exploit memory-based vulnerabilities.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Memory-based vulnerabilities like out-of-bounds writes are frequently targeted by attackers to bypass security controls. Organizations using TensorRT for high-performance computing should treat this as a priority update once the vendor releases the necessary patch.