Server-Side Request Forgery Vulnerability in NVIDIA TensorRT-LLM for Linux
CVE-2026-24234

6.8MEDIUM

Key Information:

Vendor

Nvidia

Vendor
CVE Published:
14 July 2026

What is CVE-2026-24234?

NVIDIA TensorRT-LLM for Linux is susceptible to a server-side request forgery vulnerability within its multimodal media fetching functions. This flaw allows an attacker with network access to manipulate server requests. Exploiting this vulnerability may lead to unauthorized data access or interruption of service, posing significant security risks for users.

Affected Version(s)

TensorRT-LLM 0.0

References

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.