CVE-2026-24227 in TensorRTinfo

Summary

by MITRE • 07/15/2026

NVIDIA TensorRT for contains a vulnerability where a user might cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/15/2026

This vulnerability exists within NVIDIA TensorRT's deserialization functionality, representing a critical security flaw that could enable remote code execution through maliciously crafted input data. The issue stems from insufficient validation during the deserialization process where untrusted data is processed without proper sanitization or verification mechanisms. Attackers can exploit this weakness by crafting specially formatted serialized data that, when processed by TensorRT, triggers arbitrary code execution on the target system.

The technical implementation of this vulnerability aligns with common deserialization attack patterns documented in CWE-502, which specifically addresses "Deserialization of Untrusted Data" as a critical security concern. This flaw typically occurs when applications deserialize data from untrusted sources without adequate input validation, allowing attackers to inject malicious payloads that execute within the application's context. In the case of NVIDIA TensorRT, this represents a significant risk given the framework's widespread use in machine learning inference workloads where attackers might gain access to compute resources through compromised inference pipelines.

The operational impact of this vulnerability extends beyond simple code execution, as it provides adversaries with potential persistence mechanisms and lateral movement capabilities within environments where TensorRT is deployed. Systems utilizing TensorRT for production inference workloads become particularly vulnerable since attackers can leverage this weakness to establish backdoors or escalate privileges. The vulnerability affects various deployment scenarios including cloud-based machine learning platforms, edge computing devices, and on-premises inference servers that depend on NVIDIA's deep learning inference engine.

Organizations should implement immediate mitigations including restricting network access to TensorRT services, validating all input data through strict schema validation, and implementing application whitelisting controls to prevent unauthorized deserialization operations. The ATT&CK framework categorizes this vulnerability under T1203 "Exploitation for Client Execution" and T1059 "Command and Scripting Interpreter," highlighting the multi-stage attack approach typically employed by adversaries exploiting such weaknesses. Additionally, regular security updates from NVIDIA should be prioritized, while network segmentation and monitoring solutions should be deployed to detect anomalous deserialization activities that might indicate exploitation attempts.

Security teams must also consider implementing runtime application protection mechanisms and code integrity checks to prevent successful exploitation of this vulnerability. The risk assessment should include comprehensive penetration testing of TensorRT implementations to identify potential attack vectors and ensure proper input validation controls are in place across all inference pipelines. Organizations utilizing NVIDIA's TensorRT should conduct thorough vulnerability assessments to understand their exposure levels and implement layered defense strategies that address both the immediate deserialization flaw and broader security posture considerations for machine learning infrastructure.

Responsible

Nvidia

Reservation

01/21/2026

Disclosure

07/15/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!