PatchSiren

nv-tlabs CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

CRITICAL nv-tlabs CVE published 2026-06-17

CVE-2026-53805

CVE-2026-53805 is a critical vulnerability in NVIDIA's GEN3C, allowing unauthenticated remote code execution via deserialization of raw HTTP request bodies using Python's pickle.loads() without authentication or input validation. The vulnerability exists in the inference API server of NVIDIA Spatial Intelligence Lab's (SIL) GEN3C, specifically in the /request-inference and /seed-model endpoints. These end [truncated]