Out-of-Bound Access Vulnerability in NVIDIA vGPU Software
CVE-2026-24201

5.8MEDIUM

Key Information:

Vendor: Nvidia
Status: Virtual Gpu Manager
Vendor: CVE Published:; 26 May 2026

What is CVE-2026-24201?

The NVIDIA vGPU software has a vulnerability within the virtual GPU manager that allows an attacker to exploit out-of-bound access. This could potentially lead to unauthorized data tampering, denial of service, or information disclosure, compromising the integrity and availability of the system.

Affected Version(s)

Virtual GPU Manager Azure Local 595.94(All versions prior to and including vGPU 20.0)

Virtual GPU Manager Azure Local 582.16(All versions prior to and including vGPU 19.4)

Virtual GPU Manager Red Hat Enterprise Linux KVM 595.58.02(All versions up to and including the March 2026 release)

References

https://nvd.nist.gov/vuln/detail/CVE-2026-24201

https://www.cve.org/CVERecord?id=CVE-2026-24201

https://nvidia.custhelp.com/app/answers/detail/a_id/5821

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2026
Vulnerability Reserved
Jan 21, 2026

CVE-2026-24201 Data

JSON

Nvidia

What is CVE-2026-24201?

Affected Version(s)

References

CVSS V3.1

Timeline