Use After Free in Nvidia Geforce

CVE-2026-24187

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tam…

Vulnerability class: Use-After-Free

EPSS: 0.000 (2.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

  • Nvidia Geforce — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
  • Nvidia Guest Driver — versions 595.58.03(All versions prior to and including vGPU 20.0), 580.126.09(All versions prior to and including vGPU 19.4), 535.288.01(All versions prior to and including vGPU 16.13)
  • Nvidia Rtx, Quadro, Nvs — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
  • Nvidia Rtx, Quadro, Nvs — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
  • Nvidia Tesla — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
  • Nvidia Virtual Gpu Manager — versions 595.58.02(All versions up to and including the March 2026 release), 595.58.02(All versions prior to and including vGPU 20.0), 580.126.08(All versions prior to and including vGPU 19.4)

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-24187?
CVE-2026-24187 is a high-severity vulnerability in Nvidia Geforce, classified under Use After Free. CVSS score: 8.8/10. Published 2026-05-26.
How severe is CVE-2026-24187?
High severity. CVSS v3 base score is 8.8 out of 10.