CVE Catalog

CVE-2026-24260

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.49%

38th percentile — higher than 38% of all known CVEs

Summary

NVIDIA Container Toolkit for Linux contains a time-of-check time-of-use (TOCTOU) race condition vulnerability. Successful exploitation could lead to code execution, privilege escalation, and data tampering.

Risk Assessment

An attacker could exploit this vulnerability to gain control over containers or the host system, compromising confidentiality, integrity, and availability.

Recommendation

Immediately update NVIDIA Container Toolkit to the latest patched version. Restrict access to the toolkit to trusted users only.

Original NVD description (English source)

NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS