CRITICAL
nv-tlabs
CVE published 2026-06-17
CVE-2026-53805
CVE-2026-53805 is a critical vulnerability in NVIDIA's GEN3C, allowing unauthenticated remote code execution via deserialization of raw HTTP request bodies using Python's pickle.loads() without authentication or input validation. The vulnerability exists in the inference API server of NVIDIA Spatial Intelligence Lab's (SIL) GEN3C, specifically in the /request-inference and /seed-model endpoints. These end [truncated]