CVE-2026-24188

NVIDIA · TensorRT

NVIDIA TensorRT contains an out-of-bounds write vulnerability that could potentially allow an attacker to execute arbitrary code or cause a system crash.

Executive summary

An out-of-bounds write vulnerability in NVIDIA TensorRT introduces a critical risk of memory corruption and potential arbitrary code execution.

Vulnerability

The vulnerability stems from an out-of-bounds write condition within the TensorRT library. An attacker could exploit this memory corruption issue to overwrite critical memory regions, potentially leading to application instability or unauthorized code execution.

Business impact

The CVSS score of 8.2 classifies this as a high-severity vulnerability with significant security implications. Exploitation could lead to the compromise of GPU-accelerated workloads, potential data exfiltration, or denial-of-service, impacting both operational continuity and system integrity.

Remediation

Immediate Action: Identify all instances of TensorRT in your environment and apply the latest security patches provided by NVIDIA as soon as they become available.

Proactive Monitoring: Review application logs for crashes or abnormal memory usage patterns that may indicate an attempt to trigger the out-of-bounds write condition.

Compensating Controls: Isolate TensorRT-dependent applications within segmented network zones to limit the potential reach of an attacker attempting to exploit memory-based vulnerabilities.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Memory-based vulnerabilities like out-of-bounds writes are frequently targeted by attackers to bypass security controls. Organizations using TensorRT for high-performance computing should treat this as a priority update once the vendor releases the necessary patch.