CVE-2026-24157

High

Published: 24 March 2026

Published

24 March 2026

Modified

31 March 2026

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0012 29.9th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Description

NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match

prevent

Directly mitigates CVE-2026-24157 by requiring timely patching of the deserialization flaw in NVIDIA NeMo Framework checkpoint loading as advised by NVIDIA and NVD.

SI-10 Information Input Validation good match

prevent

Prevents exploitation of CWE-502 deserialization of untrusted data by validating checkpoint inputs prior to loading in the NeMo Framework.

AC-6 Least Privilege partial match

prevent

Limits damage from local low-privilege (PR:L) attackers by enforcing least privilege, reducing potential for escalation during checkpoint loading exploits.

Security SummaryAI

CVE-2026-24157 is a vulnerability in the NVIDIA NeMo Framework, specifically within its checkpoint loading mechanism, that could allow an attacker to achieve remote code execution. A successful exploit might result in code execution, escalation of privileges, information disclosure, and data tampering. The vulnerability is rated with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-502 (Deserialization of Untrusted Data). It was published on 2026-03-24.

The attack requires local access to the system (AV:L), low attack complexity (AC:L), and low privileges (PR:L), with no user interaction needed (UI:N). An attacker with these conditions could exploit the flaw to gain high-impact confidentiality, integrity, and availability effects (C:H/I:H/A:H) within the unchanged security scope (S:U), potentially leading to the described outcomes such as code execution and privilege escalation.

Advisories from the National Vulnerability Database (https://nvd.nist.gov/vuln/detail/CVE-2026-24157), NVIDIA (https://nvidia.custhelp.com/app/answers/detail/a_id/5800), and CVE.org (https://www.cve.org/CVERecord?id=CVE-2026-24157) provide further details on mitigations and patches for this vulnerability in the NVIDIA NeMo Framework.

As part of NVIDIA's toolkit for building generative AI models, the NeMo Framework's exposure highlights risks in AI/ML workflows involving checkpoint loading, though no real-world exploitation has been reported in the available information.

Details

CWE(s): CWE-502

Affected Products

nvidia

nemo

≤ 2.6.2

MITRE ATT&CK Enterprise TechniquesAI

T1068 Exploitation for Privilege Escalation Privilege Escalation

Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

attack.mitre.org →

Why these techniques?

The vulnerability enables remote code execution and privilege escalation from local low-privilege access via unsafe deserialization (CWE-502), directly mapping to Exploitation for Privilege Escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://nvd.nist.gov/vuln/detail/CVE-2026-24157
Third Party Advisory, US Government Resource · psirt@nvidia.com
https://nvidia.custhelp.com/app/answers/detail/a_id/5800
Vendor Advisory · psirt@nvidia.com
https://www.cve.org/CVERecord?id=CVE-2026-24157
Third Party Advisory · psirt@nvidia.com