PatchSiren cyber security CVE debrief
CVE-2026-24227 NVIDIA CVE debrief
CVE-2026-24227 is a deserialization vulnerability in NVIDIA's TensorRT, which could lead to code execution. The vulnerability has a CVSS score of 5.3 and is considered medium severity. Successful exploitation could lead to code execution. Organizations using NVIDIA TensorRT should review and apply patches to mitigate this vulnerability. The vulnerability is described as CWE-502.
- Vendor
- NVIDIA
- Product
- TensorRT
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-14
- Original CVE updated
- 2026-07-17
- Advisory published
- 2026-07-14
- Advisory updated
- 2026-07-17
Who should care
Organizations using NVIDIA TensorRT, operators, and security teams should review and apply patches to mitigate this vulnerability. Affected platforms and components should be assessed for potential exposure. Vulnerability management and security teams should prioritize patching and monitor for suspicious activity related to deserialization attempts.
Technical summary
NVIDIA TensorRT contains a vulnerability where a user might cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution. The vulnerability is described as CWE-502 and has a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L. The vulnerability affects NVIDIA TensorRT, and defenders should verify the affected scope and apply patches accordingly.
Defensive priority
Apply patches from NVIDIA to mitigate deserialization vulnerability in TensorRT. Review and update inventory of NVIDIA TensorRT installations. Monitor for suspicious activity related to deserialization attempts.
Recommended defensive actions
- Apply patches from NVIDIA to mitigate deserialization vulnerability in TensorRT
- Review and update inventory of NVIDIA TensorRT installations
- Monitor for suspicious activity related to deserialization attempts
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-14T21:16:43.983Z and was last modified on 2026-07-17T03:31:06.200Z. The NVD entry is currently Analyzed. The vulnerability affects NVIDIA TensorRT, and defenders should verify the affected scope and apply patches accordingly. Evidence is limited to public sources, and further verification is required.
Official resources
-
CVE-2026-24227 CVE record
CVE.org
-
CVE-2026-24227 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-14T21:16:43.983Z and has not been modified since then. The NVD entry is currently Analyzed.