CVE-2026-24229
7.3
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Summary
NVIDIA TensorRT-LLM for Linux contains a vulnerability in the disaggregated orchestrator component, where an attacker could read, write, or delete internal cluster state by sending requests to the FastAPI server. A successful exploit of this vulnerability might lead to information disclosure, data tampering, and denial of service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NVIDIA | TensorRT-LLM | 0.0 <= v1.3.0 rc16 | affected |
Weaknesses
- CWE-306: CWE-306 Missing Authentication for Critical Function
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.