CVE-2026-24178
CriticalSummary
The NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system that allows an unauthenticated attacker to bypass authorization through a user-controlled key. Successful exploitation of this vulnerability may lead to privilege escalation, data tampering, information disclosure, code execution, and denial of service.
Risk Assessment
Exploitation of this vulnerability could severely compromise the organization's security, allowing attackers unauthorized access to the system and data. This may result in serious consequences such as data loss and privacy breaches.
Recommendation
It is recommended to update the NVIDIA NVFlare software to the latest version to eliminate this vulnerability. Additionally, implementing further security measures to monitor and restrict access to the system is advisable.
Original NVD description (English source)
NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information disclosure, code execution, and denial of service.

