CVE-2026-24204EXPLOITED

nvidia · flare sdk

CVE-2026-24204: NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A

Description

NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure.

Affected Products

Vendor	Product	Versions
nvidia	flare sdk	All versions prior to 2.7.2

References

Related News (1 articles)

Tier C

VulDB7d ago

CVE-2026-24204 | NVIDIA FLARE SDK information disclosure

→ No new info (linked only)

CVSS 3.16.5 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-20

PublishedApr 28, 2026

Last enriched7d agov2

Trending Score12

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-31739

crypto: tegra - Add missing CRYPTO_ALG_ASYNC

Trending: 31

CRITICALPRE-CVE

Rowhammer Attack Against NVIDIA Chips

Trending: 30

CRITICALCVE-2026-24178EXP

CVE-2026-24178: NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthentica

Trending: 20

HIGHCVE-2026-24186EXP

CVE-2026-24186: NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sen

Trending: 15

HIGHCVE-2026-24222

CVE-2026-24222: NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker co

Trending: 14

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 28, 2026

Discovered by ZDM

Apr 28, 2026

Updated: severity, activelyExploited

Apr 28, 2026

Actively Exploited

Apr 29, 2026

Version History

Last enriched 7d ago

v2Tier C7d ago

Updated severity to HIGH and marked the vulnerability as actively exploited.

severityactivelyExploited

via VulDB

v17d ago

Initial creation