CVE-2026-24151

Name of the Vulnerable Software and Affected Versions NVIDIA Megatron-LM (affected versions not specified)

Description An issue exists in NVIDIA Megatron-LM’s inferencing process that could allow an attacker to achieve Remote Code Execution (RCE). This occurs when a user is convinced to load a maliciously crafted input. Successful exploitation may lead to code execution, escalation of privileges, information disclosure, and data tampering. The attack involves loading a malicious input, potentially through an API endpoint, which then triggers the execution of arbitrary code. The vulnerable component is the input processing mechanism within the inferencing functionality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.