HIGHCVE-2026-24149Published Modified CNA nvidia
CVE-2026-24149: NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue
NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, data tampering.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0.14.0
- Affected Products
- 1
Fix available
0.14.0
Affected packages
- NVIDIA / Megatron-LM< 0.14.0 (from 0)
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H