What is CVE-2026-24197?

CVE-2026-24197 is a medium-severity vulnerability in Nvidia Geforce, classified under Initialization of a Resource with an Insecure Default. CVSS score: 6.5/10. Published 2026-05-26.

How severe is CVE-2026-24197?

Medium severity. CVSS v3 base score is 6.5 out of 10.

RCE in Nvidia Geforce

CVE-2026-24197

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during pa…

EPSS: 0.000 (2.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H.

Affected products

Nvidia Geforce — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
Nvidia Rtx, Quadro, Nvs — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
Nvidia Rtx, Quadro, Nvs — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
Nvidia Tesla — versions All driver versions prior to 595.71.05, All driver versions prior to 580.159.03, All driver versions prior to 535.309.01
Nvidia Virtual Gpu Manager — versions 595.58.02(All versions prior to and including vGPU 20.0), 580.126.08(All versions prior to and including vGPU 19.4), 595.94(All versions prior to and including vGPU 20.0)

Weakness classification (CWE)

CWE-1188 — Initialization of a Resource with an Insecure Default

References

Frequently asked questions

What is CVE-2026-24197?: CVE-2026-24197 is a medium-severity vulnerability in Nvidia Geforce, classified under Initialization of a Resource with an Insecure Default. CVSS score: 6.5/10. Published 2026-05-26.
How severe is CVE-2026-24197?: Medium severity. CVSS v3 base score is 6.5 out of 10.