CVE-2026-24260
HighCVSS 8.5Exploitation Probability (EPSS)
Low risk38th percentile — higher than 38% of all known CVEs
Summary
NVIDIA Container Toolkit for Linux contains a time-of-check time-of-use (TOCTOU) race condition vulnerability. Successful exploitation could lead to code execution, privilege escalation, and data tampering.
Risk Assessment
An attacker could exploit this vulnerability to gain control over containers or the host system, compromising confidentiality, integrity, and availability.
Recommendation
Immediately update NVIDIA Container Toolkit to the latest patched version. Restrict access to the toolkit to trusted users only.
Original NVD description (English source)
NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use race condition. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, and data tampering.

