CVE-2026-24178

· NIST NVD ↗

NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information disclosure, code execution, and denial of service.

CRITICAL
CVSS severity
9.8
CVSS base score
2026-04-28
Published

CWE codes

CWE-639

Affected products

nvidia:nvflareapple:macoslinux:linux_kernel

Sources