CVE-2026-24191
Possible ATT&CK Techniques 1AI
T1200 · Hardware AdditionsAffected Version Matrix 13
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NVIDIA | GeForce | All driver versions prior to 596.36 | affected |
All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU arc | affected | ||
| NVIDIA | Guest driver | 595.97(All versions prior to and including vGPU 20.0) | affected |
582.16(All versions prior to and including vGPU 19.4) | affected | ||
539.64(All versions prior to and including vGPU 16.13) | affected | ||
| NVIDIA | NVIDIA RTX, Quadro, NVS | All driver versions prior to 596.36 | affected |
All driver versions prior to 582.53 | affected | ||
All driver versions prior to 539.72 | affected | ||
| NVIDIA | Tesla | All driver versions prior to 596.36 | affected |
All driver versions prior to 582.53 | affected | ||
All driver versions prior to 539.72 | affected | ||
| NVIDIA | Virtual GPU Manager | 595.94(All versions prior to and including vGPU 20.0) | affected |
582.16(All versions prior to and including vGPU 19.4) | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-24191
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Source: NVD (National Vulnerability Database)
Vulnerability Title
NVIDIA Display Driver 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NVIDIA Display Driver是美国英伟达(NVIDIA)公司的一款显卡驱动程序。 NVIDIA Display Driver存在安全漏洞,该漏洞源于可能导致检查时间使用时间问题,可能导致拒绝服务、权限提升、信息泄露、数据篡改和代码执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| NVIDIA | GeForce | All driver versions prior to 596.36 | - | |
| NVIDIA | GeForce | All driver versions prior to 582.53 Only GPUs based on the NVIDIA Maxwell, Volta, and Pascal GPU architectures are affected. | - | |
| NVIDIA | NVIDIA RTX, Quadro, NVS | All driver versions prior to 596.36 | - | |
| NVIDIA | NVIDIA RTX, Quadro, NVS | All driver versions prior to 582.53 | - | |
| NVIDIA | NVIDIA RTX, Quadro, NVS | All driver versions prior to 539.72 | - | |
| NVIDIA | Tesla | All driver versions prior to 596.36 | - | |
| NVIDIA | Tesla | All driver versions prior to 582.53 | - | |
| NVIDIA | Tesla | All driver versions prior to 539.72 | - | |
| NVIDIA | Guest driver | 595.97(All versions prior to and including vGPU 20.0) | - | |
| NVIDIA | Guest driver | 582.16(All versions prior to and including vGPU 19.4) | - | |
| NVIDIA | Guest driver | 539.64(All versions prior to and including vGPU 16.13) | - | |
| NVIDIA | Virtual GPU Manager | 595.94(All versions prior to and including vGPU 20.0) | - | |
| NVIDIA | Virtual GPU Manager | 582.16(All versions prior to and including vGPU 19.4) | - |
II. Public POCs for CVE-2026-24191
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-24191
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-24191 (1)
Other References for CVE-2026-24191 (1)
Same Patch Batch · NVIDIA · 2026-05-26 · 17 CVEs total
| CVE-2026-24187 | 8.8 HIGH | NVIDIA Display Driver for Linux 资源管理错误漏洞 |
| CVE-2026-24194 | 7.8 HIGH | NVIDIA Display Driver for Linux 安全漏洞 |
| CVE-2026-24190 | 7.8 HIGH | NVIDIA Display Driver 安全漏洞 |
| CVE-2026-24193 | 7.8 HIGH | NVIDIA Display Driver 缓冲区错误漏洞 |
| CVE-2026-24192 | 7.8 HIGH | NVIDIA Display Driver 安全漏洞 |
| CVE-2026-24162 | 7.8 HIGH | NVIDIA Transformers4Rec 代码问题漏洞 |
| CVE-2026-24212 | 7.5 HIGH | NVIDIA Isaac Launchable 安全漏洞 |
| CVE-2026-24196 | 7.1 HIGH | NVIDIA Display Driver for Linux 缓冲区错误漏洞 |
| CVE-2026-24195 | 7.1 HIGH | NVIDIA Display Driver 输入验证错误漏洞 |
| CVE-2026-24200 | 7.0 HIGH | NVIDIA vGPU Software 资源管理错误漏洞 |
| CVE-2026-24197 | 6.5 MEDIUM | NVIDIA Display Driver for Linux 安全漏洞 |
| CVE-2026-24182 | 6.5 MEDIUM | NVIDIA Display Driver 安全漏洞 |
| CVE-2026-24201 | 5.8 MEDIUM | NVIDIA vGPU Software 缓冲区错误漏洞 |
| CVE-2026-24198 | 5.6 MEDIUM | NVIDIA GPU Display Driver 信息泄露漏洞 |
| CVE-2026-24199 | 4.7 MEDIUM | NVIDIA Display Driver 竞争条件问题漏洞 |
| CVE-2025-33221 | 4.4 MEDIUM | NVIDIA Display Driver 输入验证错误漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-367
- CVE-2026-9796
Keycloak: keycloak: privilege escalation via time-of-check t - CVE-2026-42336
MaxKB: SSRF Bypass via DNS Rebinding in MaxKB OSS URL Fetch - CVE-2026-45208
Trend Micro Apex One和TrendAI Vision One Endpoint Security - - CVE-2026-7837
TOCTOU with root privilege in ad_flush - CVE-2026-29518
Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arb
V. Comments for CVE-2026-24191
No comments yet