Nvidia has released patches for 14 vulnerabilities across its GeForce, RTX, Quadro, Tesla, NVS, vGPU, and Cloud Gaming product lines. The most severe flaw, CVE-2026-24187 (CVSS 8.8), is a use-after-free bug that could allow arbitrary code execution, privilege escalation, data theft, or system crashes. Patches are available via the Nvidia Driver Downloads page or Nvidia Licensing Portal, requiring version 569.49 or newer for Windows and version 590.48.01 or newer for Linux.
Vulnerability Management Nvidia releases driver updates to fix 14 critical vulnerabilities May 21, 2026 Share By SC Staff (Adobe Stock) Nvidia has released new GPU driver updates for both Windows and Linux operating systems, addressing 14 security vulnerabilities across a range of its products, according to a recent report by Tech Radar. The vulnerabilities affect GeForce, RTX, Quadro, Tesla, and NVS product lines, as well as vGPU and Cloud Gaming software. The most severe flaw, CVE-2026-24187, is a use-after-free bug with a severity rating of 8.8 out of 10. This critical vulnerability could allow attackers to execute arbitrary code, escalate privileges, steal data, or cause system crashes. Other high-severity flaws identified could also lead to code execution, privilege escalation, data tampering, and information disclosure. Some vulnerabilities impact the kernel layer on both Windows and Linux, while others exploit timing flaws specific to Windows. Patches are available via the Nvidia Driver Downloads page or Nvidia Licensing Portal, with Windows users needing version 569.49 or newer and Linux users requiring version 590.48.01 or newer. Source: Tech Radar SC Staff Related Vulnerability Management Attackers exploit SonicWall VPN vulnerability to bypass MFA SC Staff May 21, 2026 The vulnerability, CVE-2024-12802, allows threat actors to bypass MFA on SonicWall Gen6 SSL-VPN appliances by using a specific user principal name (UPN) login format. Application security APIs under pressure: How AI is rewriting the rules of enterprise security Paul Wagenseil May 20, 2026 The rapid growth of AI has created an explosion of APIs that will require new techniques to manage. Vulnerability Management Max-severity vulnerability in ChromaDB allows unauthenticated remote code execution SC Staff May 20, 2026 The vulnerability affects the Python API server logic within the PyPI package, which sees nearly 14 million monthly downloads. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Bug Buffer Overflow Disassembly You can skip this ad in 5 seconds