Cyber Resilience

CVE-2026-24160

Medium

Published: 20 May 2026

Published
20 May 2026
Modified
21 May 2026
KEV Added
Patch
CVSS Score v3.1 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score 0.0042 33.6th percentile
Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-24160 is a medium-severity Unchecked Return Value to NULL Pointer Dereference (CWE-690) vulnerability in Nvidia Tensorrt Llm. Its CVSS base score is 5.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 33.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as NLP and Transformers; in the Other ATLAS/OWASP Terms risk domain.

EU & UK References

Vulnerability details

NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead to denial of service.

CWE(s)

AI Security AnalysisAI

AI Category
NLP and Transformers
Risk Domain
Other ATLAS/OWASP Terms
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: llm

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Null pointer dereference enables direct application exploitation for endpoint DoS.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-24142Same product: Nvidia Tensorrt Llm
CVE-2025-33255Same product: Nvidia Tensorrt Llm
CVE-2026-24163Same product: Nvidia Tensorrt Llm
CVE-2026-24175Same vendor: Nvidia
CVE-2026-24195Same vendor: Nvidia
CVE-2026-24173Same vendor: Nvidia
CVE-2026-24146Same vendor: Nvidia
CVE-2025-33238Same vendor: Nvidia
CVE-2026-24196Same vendor: Nvidia
CVE-2026-24158Same vendor: Nvidia

Affected Assets

nvidia
tensorrt llm
≤ 1.2

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References