CVE-2026-24149

EUVD-2026-5178
NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, data tampering.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
nvidiaCNA
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
nvidiamegatron-lm
𝑥
< 0.14.0
CNA
Common Weakness Enumeration
References
https://nvd.nist.gov/vuln/detail/CVE-2026-24149
https://www.cve.org/CVERecord?id=CVE-2026-24149