CVE-2026-24162: NVIDIA Transformers4Rec for Linux contains a vulnerability where an attacker could cause improper deserialization of unt
Summary
NVIDIA Transformers4Rec for Linux has a vulnerability where attackers can exploit improper deserialization (unsafe processing of data that was converted into a storable format) of untrusted data, potentially leading to code execution (running commands on the system), data tampering, and information disclosure. The vulnerability is tracked as CVE-2026-24162 and a CVSS score (a 0-10 rating of how severe a vulnerability is) has not yet been assigned by NIST.
Vulnerability Details
7.8(high)
EPSS: 0.0%
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
local
low
none
required
May 26, 2026
Classification
Affected Vendors
Related Issues
CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-24162
First tracked: May 26, 2026 at 08:12 PM
Classified by LLM (prompt v3) · confidence: 85%