HIGHCVE-2026-24200Published Modified CNA nvidia
CVE-2026-24200: NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause a use-after-free for stack memory
NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause a use-after-free for stack memory. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Metrics
- CVSS v3.1
- 7.0
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 5
Affected packages
- NVIDIA / Virtual GPU Manager595.58.02(All versions up to and including the March 2026 release)
- NVIDIA / Virtual GPU Manager580.126.08(All versions prior to and including vGPU 19.4)
- NVIDIA / Virtual GPU Manager535.288.01(All versions prior to and including vGPU 16.13)
- NVIDIA / Virtual GPU Manager595.94(All versions prior to and including vGPU 20.0)
- NVIDIA / Virtual GPU Manager582.16(All versions prior to and including vGPU 19.4)
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HReferences