CVE-2026-24157

Severity: High
Published: 24 March 2026
Modified: 31 March 2026
KEV Added: not listed
Patch: see the NVIDIA advisory (https://nvidia.custhelp.com/app/answers/detail/a_id/5800)
CVSS Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0012 (29.8th percentile)
Risk Priority: 16 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-24157 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in NVIDIA NeMo. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). Its EPSS score places it at the 29.8th percentile for exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Privilege Escalation (T1068). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

- prevent, SI-2 (Flaw Remediation): Directly mitigates CVE-2026-24157 by requiring timely patching of the deserialization flaw in NVIDIA NeMo Framework checkpoint loading, as advised by NVIDIA and NVD.

- prevent, SI-10 (Information Input Validation): Prevents exploitation of CWE-502 deserialization of untrusted data by validating checkpoint inputs prior to loading in the NeMo Framework.

- prevent, least privilege: Limits damage from local low-privilege (PR:L) attackers by enforcing least privilege, reducing the potential for escalation during checkpoint-loading exploits.
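
The SI-10 control above says "validate checkpoint inputs prior to loading"; the following is an added example of what that looks like in practice for a CWE-502 flaw, and is not NVIDIA NeMo's own loader. It assumes the checkpoint is a pickle-based container (as PyTorch-style checkpoints commonly are) and layers two checks: a constant-time SHA-256 comparison against an allowlisted digest, and a restricted unpickler that refuses to resolve any global outside a small allowlist, so an object that would otherwise invoke an arbitrary callable during deserialization is rejected before it runs. All sample inputs (`BENIGN_CHECKPOINT`, `UNTRUSTED_CHECKPOINT`, `TAMPERED_CHECKPOINT`) and digests are constructed inside the block.

```python
"""Defensive checkpoint-loading guard: digest allowlist plus restricted unpickler.
Added example for this page; not NVIDIA NeMo's own code."""
import hashlib
import hmac
import io
import os
import pickle
from collections import OrderedDict

# Assumption: the checkpoint is a pickle-based container. Only these
# (module, name) globals may be resolved while unpickling; anything else is
# refused before the unpickler can call it.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
    ("builtins", "frozenset"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global outside ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"global {module}.{name} is not allowed in a checkpoint")


def digest_matches(data: bytes, expected_sha256: str) -> bool:
    """Constant-time comparison of the file's SHA-256 with an allowlisted digest."""
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_sha256)


def load_checkpoint(data: bytes, expected_sha256: str):
    """Validate the checkpoint (SI-10 style) before deserializing it."""
    if not digest_matches(data, expected_sha256):
        raise ValueError("checkpoint digest mismatch")
    return RestrictedUnpickler(io.BytesIO(data)).load()


def try_load(data: bytes, expected_sha256: str):
    """Return (checkpoint, None) on success or (None, reason) when rejected."""
    try:
        return load_checkpoint(data, expected_sha256), None
    except (ValueError, pickle.UnpicklingError) as exc:
        return None, str(exc)


# --- Constructed sample inputs (not real NeMo artefacts) ---------------------
# A benign checkpoint: plain containers plus an OrderedDict state dict, which
# exercises the allowlist because OrderedDict is pickled as a global.
BENIGN_CHECKPOINT = pickle.dumps({
    "model_version": "2.6.2",
    "state_dict": OrderedDict([("layer.weight", [0.1, 0.2])]),
})
# In deployment this digest would come from a signed manifest; here it is
# computed from the constructed sample so the example runs offline.
BENIGN_SHA256 = hashlib.sha256(BENIGN_CHECKPOINT).hexdigest()


class _ResolvesCallable:
    """Constructed object whose pickle resolves a callable outside the allowlist.
    os.getcwd is harmless and stands in for any non-allowlisted callable."""

    def __reduce__(self):
        return (os.getcwd, ())


UNTRUSTED_CHECKPOINT = pickle.dumps(_ResolvesCallable())
# Digest supplied by the same untrusted source as the file, so the digest layer
# alone would pass it; the restricted unpickler is the layer that stops it.
UNTRUSTED_SHA256 = hashlib.sha256(UNTRUSTED_CHECKPOINT).hexdigest()
# The benign bytes with the final byte flipped: caught by the digest check.
TAMPERED_CHECKPOINT = BENIGN_CHECKPOINT[:-1] + bytes([BENIGN_CHECKPOINT[-1] ^ 0xFF])


if __name__ == "__main__":
    for label, blob, digest in [("benign", BENIGN_CHECKPOINT, BENIGN_SHA256),
                                ("untrusted", UNTRUSTED_CHECKPOINT, UNTRUSTED_SHA256),
                                ("tampered", TAMPERED_CHECKPOINT, BENIGN_SHA256)]:
        ckpt, reason = try_load(blob, digest)
        print(f"{label}: {'loaded' if ckpt is not None else 'rejected (' + reason + ')'}")
```

The two layers are deliberately independent: a digest allowlist only helps when the digest comes from a source the attacker cannot influence, and a restricted unpickler only helps when the allowlist is kept minimal, so a loader should keep both.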

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

The vulnerability enables remote code execution and privilege escalation from local low-privilege access via unsafe deserialization (CWE-502), directly mapping to Exploitation for Privilege Escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.

Deeper analysis

CVE-2026-24157 is a vulnerability in the NVIDIA NeMo Framework, specifically within its checkpoint loading mechanism, that could allow an attacker to achieve remote code execution. A successful exploit might result in code execution, escalation of privileges, information disclosure, and data tampering. The vulnerability is rated with a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-502 (Deserialization of Untrusted Data). It was published on 2026-03-24.

The attack requires local access to the system (AV:L), low attack complexity (AC:L), and low privileges (PR:L), with no user interaction needed (UI:N). An attacker with these conditions could exploit the flaw to gain high-impact confidentiality, integrity, and availability effects (C:H/I:H/A:H) within the unchanged security scope (S:U), potentially leading to the described outcomes such as code execution and privilege escalation.

Advisories from the National Vulnerability Database (https://nvd.nist.gov/vuln/detail/CVE-2026-24157), NVIDIA (https://nvidia.custhelp.com/app/answers/detail/a_id/5800), and CVE.org (https://www.cve.org/CVERecord?id=CVE-2026-24157) provide further details on mitigations and patches for this vulnerability in the NVIDIA NeMo Framework.

As part of NVIDIA's toolkit for building generative AI models, the NeMo Framework's exposure highlights risks in AI/ML workflows involving checkpoint loading, though no real-world exploitation has been reported in the available information.

Details

CWE(s): CWE-502 (Deserialization of Untrusted Data)

Affected Products: nvidia nemo, versions ≤ 2.6.2

CVEs Like This One

- CVE-2026-24159 (same product: NVIDIA NeMo)
- CVE-2025-33241 (same product: NVIDIA NeMo)
- CVE-2025-33245 (same product: NVIDIA NeMo)
- CVE-2025-33243 (same product: NVIDIA NeMo)
- CVE-2025-33252 (same product: NVIDIA NeMo)
- CVE-2025-33253 (same product: NVIDIA NeMo)
- CVE-2025-33236 (same product: NVIDIA NeMo)
- CVE-2025-33246 (same product: NVIDIA NeMo)
- CVE-2025-33251 (same product: NVIDIA NeMo)
- CVE-2025-33249 (same product: NVIDIA NeMo)