CVE-2026-24222
Published: 28 April 2026
Summary
CVE-2026-24222 is a high-severity Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497) vulnerability in NVIDIA NeMoClaw. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005). The CVE ranks at the 17.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-25 (Reference Monitor) and SC-39 (Process Isolation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Implements a reference monitor in the sandbox environment to enforce access control policies, preventing the agent from reading unauthorized host environment variables during initialization.
- Validates and sanitizes prompt-injected content inputs to the sandbox initialization component, blocking exploitation that tricks the agent into accessing host environment variables.
- Enforces process isolation between the sandbox agent and host system, restricting access to and exfiltration of sensitive host environment variables during sandbox creation.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability directly enables unauthorized access to host environment variables from the sandbox (T1005, Data from Local System), followed by exfiltration of that data (T1041, Exfiltration Over C2 Channel).
NVD Description
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandbox creation. A successful exploit of this vulnerability might lead to information disclosure.
Deeper analysis
CVE-2026-24222 affects NVIDIA NeMoClaw in its sandbox environment initialization component. The flaw is an improper access control weakness (CWE-497) in which a remote attacker sends prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandbox creation. Published on 2026-04-28, it has a CVSS v3.1 base score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N), indicating high severity due to network accessibility, low attack complexity, and significant confidentiality impact.
A remote attacker requires no privileges or user interaction to exploit this vulnerability. By crafting and sending malicious prompt-injected content, the attacker can trick the agent into accessing sensitive host environment variables during sandbox setup, leading to their exfiltration and potential information disclosure.
Mitigation details are available in official advisories, including NVIDIA's security bulletin at https://nvidia.custhelp.com/app/answers/detail/a_id/5837, the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2026-24222, and the CVE record at https://www.cve.org/CVERecord?id=CVE-2026-24222. Security practitioners should consult these for patch information and workarounds.
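One way to apply the environment restriction described above when launching a sandboxed process, shown as an added example (it is not NVIDIA's code or the vendor fix): the launcher passes the child an allowlisted environment instead of letting it inherit the host's, then checks what the child can actually read. The allowlist, function names, variable names and secret values are constructed for illustration.

```python
import json
import os
import subprocess
import sys

# Assumed allowlist: the only host variables the sandboxed process may inherit.
ALLOWED_VARS = frozenset({"PATH", "LANG", "TZ"})

# Constructed host environment for the demo; the secret values are fake.
SAMPLE_HOST_ENV = {
    "PATH": os.environ.get("PATH", "/usr/bin:/bin"),
    "LANG": "C.UTF-8",
    "EXAMPLE_API_KEY": "EXAMPLE-NOT-REAL",
    "AWS_SECRET_ACCESS_KEY": "EXAMPLE-NOT-REAL",
    "DATABASE_URL": "postgres://user:EXAMPLE@db.internal/app",
}


def build_sandbox_env(host_env, allowed=ALLOWED_VARS, injected=None):
    """Return the child environment: allowlisted host variables plus values
    the launcher sets explicitly. Nothing else from the host is copied."""
    env = {k: v for k, v in host_env.items() if k in allowed}
    env.update(injected or {})
    return env


def vars_visible_in_child(env):
    """Start a child process with exactly `env` and return the variable
    names it can read, as the sandboxed agent would see them."""
    code = "import json, os; print(json.dumps(sorted(os.environ)))"
    out = subprocess.run([sys.executable, "-c", code], env=env,
                         capture_output=True, text=True, check=True).stdout
    return set(json.loads(out))


def exposed_host_vars(host_env, child_env, allowed=ALLOWED_VARS):
    """Host variables outside the allowlist that the child can still read."""
    outside = set(host_env) - set(allowed)
    return sorted(outside & vars_visible_in_child(child_env))


if __name__ == "__main__":
    # Weak: the child inherits the whole host environment.
    print("inherited:", exposed_host_vars(SAMPLE_HOST_ENV, dict(SAMPLE_HOST_ENV)))
    # Hardened: the child gets the allowlist plus one explicit setting.
    hardened = build_sandbox_env(SAMPLE_HOST_ENV, injected={"SANDBOX": "1"})
    print("allowlist:", exposed_host_vars(SAMPLE_HOST_ENV, hardened))
```

This covers environment inheritance only; it does not address the prompt-injected input itself, which the input-validation control above targets.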
Details
- CWE(s)