CVE-2026-24165
Published: 31 March 2026
Summary
CVE-2026-24165 is a high-severity Deserialization of Untrusted Data (CWE-502) vulnerability in the NVIDIA BioNeMo Framework. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002). The vulnerability ranks at the 12.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): Directly mitigates the deserialization vulnerability by requiring timely flaw remediation through patching as specified in the NVIDIA advisory.
- SI-10 (Information Input Validation): Prevents exploitation of untrusted data deserialization by enforcing validation of inputs to ensure they are safe and conform to expected structures before processing.
- Detects unauthorized changes to software or data integrity that could result from successful deserialization leading to code execution or tampering.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Deserialization of untrusted data (CWE-502) that requires user interaction directly enables malicious file-based code execution via the Python interpreter: the user loads a crafted file and the deserializer executes the attacker's payload.
NVD Description
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering.
Deeper analysis
CVE-2026-24165 is a vulnerability in NVIDIA BioNeMo that enables deserialization of untrusted data, corresponding to CWE-502. Published on 2026-03-31, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high impact on confidentiality, integrity, and availability.
An attacker with local access to the affected system can exploit this vulnerability with low complexity and no required privileges, though user interaction is necessary. Successful exploitation might result in arbitrary code execution, denial of service, information disclosure, or data tampering.
Mitigation details are available in advisories from the National Vulnerability Database (https://nvd.nist.gov/vuln/detail/CVE-2026-24165), NVIDIA (https://nvidia.custhelp.com/app/answers/detail/a_id/5808), and CVE.org (https://www.cve.org/CVERecord?id=CVE-2026-24165).
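As an added illustration (not BioNeMo's own code), the SI-10 control from the mitigation list applied to Python deserialization: an unpickler that resolves only allowlisted globals, so a checkpoint or data file referencing anything else is refused before it can be instantiated. The allowlist and the two sample pickles are constructed for this example.

```python
import collections
import io
import pickle

# Allowlist of (module, name) pairs the loader may resolve. This is an
# assumption for the example: a real loader lists exactly the classes its
# checkpoint format legitimately needs, and nothing callable beyond that.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only allowlisted globals.

    pickle resolves every class or function reference through find_class;
    rejecting unknown references here is what blocks CWE-502 style code
    execution, because the opcode stream can then only build plain data.
    """

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve {module}.{name}: not in deserialization allowlist"
        )


def load_checkpoint_metadata(data: bytes):
    """Validate-then-load: returns (accepted, payload_or_reason)."""
    try:
        return True, RestrictedUnpickler(io.BytesIO(data)).load()
    except pickle.UnpicklingError as exc:
        return False, str(exc)


# Constructed sample inputs (not real BioNeMo artifacts).
# BENIGN references only the allowlisted collections.OrderedDict.
BENIGN = pickle.dumps(
    collections.OrderedDict([("model", "example"), ("layers", [1, 2, 3])])
)
# UNTRUSTED references collections.deque, which is harmless but not
# allowlisted, so the loader must refuse it before instantiation.
UNTRUSTED = pickle.dumps(collections.deque([1, 2, 3]))

if __name__ == "__main__":
    print(load_checkpoint_metadata(BENIGN))
    print(load_checkpoint_metadata(UNTRUSTED))
```

Where the file format allows it, prefer a loader that does not execute pickle opcodes at all (for example a tensor-only format, or torch.load with weights_only=True), and treat the allowlist above as defence in depth for the cases that still need pickle.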
Details
- CWE(s)