CVE-2026-24160

Medium

Published: 20 May 2026

Published

20 May 2026

Modified

21 May 2026

KEV Added

—

Patch

—

CVSS Score 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS Score 0.0002 5.8th percentile

Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24160 is a medium-severity Unchecked Return Value to NULL Pointer Dereference (CWE-690) vulnerability in Nvidia Tensorrt Llm. Its CVSS base score is 5.5 (Medium).

Operationally, ranked at the 5.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Other AI Platforms.

NVD Description

NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-690

Affected Products

nvidia

tensorrt llm

≤ 1.2

AI Security AnalysisAI

AI Category: Other AI Platforms
Risk Domain: N/A
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: llm

EU & UK References

🇪🇺 ENISA EUVD: EUVD-2026-31058

References

https://nvd.nist.gov/vuln/detail/CVE-2026-24160
Third Party Advisory, US Government Resource · psirt@nvidia.com
https://nvidia.custhelp.com/app/answers/detail/a_id/5805
Vendor Advisory · psirt@nvidia.com
https://www.cve.org/CVERecord?id=CVE-2026-24160
Third Party Advisory, VDB Entry · psirt@nvidia.com