CVE-2026-24220

Summary

NVIDIA TensorRT-LLM for any platform contains a vulnerability in visual gen server, where an attacker could cause an unsafe deserialization by unauthorized zeroMQ deserialization. A successful exploit of this vulnerability might lead to code execution.

Affected Software

VendorProductVersion RangeStatus
NVIDIATensorRT-LLM0.0 <= v1.3.0 rc11affected

Weaknesses

  • CWE-502: CWE-502 Deserialization of Untrusted Data

References