Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vuln…
NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, esca…
NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerabilit…
NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by convincing a user to load a maliciously crafted input. A successful exploit of this vulnerability may …
NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerabilit…
NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A …
HCL Traveler is susceptible to a weak default HTTP header validation vulnerability, which could allow an attacker to bypass additional authentication checks.
NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause internal state corruption. A successful exploit of this vulnerability may lead to a denial of service.
NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vu…
NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, es…
NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlie…
NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead…
NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability where an attacker may cause an exception. A successful exploit of this vulnerability may lead to denial of service.
NVIDIA SNAP-4 Container contains a vulnerability in the configuration interface where an attacker on a VM may cause an incorrect calculation of buffer size by sending crafted configurations. A succes…
NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit …
pyLoad is a free and open-source download manager written in Python. From version 0.4.20 to before version 0.5.0b3.dev97, the local_check decorator in pyLoad's ClickNLoad feature can be bypassed by a…
pyLoad is a free and open-source download manager written in Python. From version 0.4.0 to before version 0.5.0b3.dev97, the set_config_value() API endpoint allows users with the non-admin SETTINGS p…
MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS (Security Token Service) AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credent…
Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob() function on Unix-like systems. By including a newline character (\…
Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.6, an authorization flaw in repo import allows any authenticated SSH user to clone a server-lo…