Introduction
An out of bounds write in the NVIDIA GPU Display Driver's kernel mode layer gives local attackers a path to privilege escalation, code execution, and denial of service on both Windows and Linux systems. With NVIDIA holding roughly 85 percent of the discrete GPU market and powering the vast majority of AI accelerator deployments worldwide, CVE-2026-24193 touches an enormous installed base spanning gaming workstations, professional creative systems, AI training clusters, virtual desktop infrastructure, and cloud GPU instances.
This vulnerability, disclosed on May 26, 2026 as part of a broader NVIDIA security bulletin addressing at least 15 CVEs, carries a CVSS 3.1 score of 7.8 (High). Notably, it does not affect all driver branches equally: only the R580 and R535 branches are vulnerable, with the newer R595 branch unaffected. On Windows, the R580 branch is further scoped to GPUs based on the Maxwell, Volta, and Pascal architectures.
Technical Information
Root Cause: CWE-787 Out of Bounds Write
CVE-2026-24193 is classified under CWE-787: Out of bounds Write, which MITRE defines as a weakness where "the product writes data past the end, or before the beginning, of the intended buffer." CWE-787 holds the number one position on MITRE's list of the most dangerous software weaknesses, reflecting both its prevalence and the severity of its consequences.
The vulnerability resides in the NVIDIA GPU Display Driver, which operates in kernel mode on both Windows and Linux. At this privilege level, an out of bounds write can corrupt kernel memory, overwrite kernel data structures such as function pointers or security tokens, or redirect execution flow entirely. The NVIDIA security bulletin confirms the flaw exists specifically in the R580 and R535 driver branches, while the newer R595 (and R590) branches do not contain the vulnerable code path, suggesting the issue was either already resolved or architecturally absent in those newer branches.
CVSS Vector Analysis
The CVSS 3.1 vector for this vulnerability is AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, which breaks down as follows:
| Metric | Value | Meaning |
|---|---|---|
| Attack Vector | Local | Attacker needs local access to the system |
| Attack Complexity | Low | No special conditions or preparation required |
| Privileges Required | Low | A low privilege user account is sufficient |
| User Interaction | None | No victim action needed |
| Scope | Unchanged | Impact stays within the vulnerable component's authority |
| Confidentiality | High | Complete loss of confidentiality possible |
| Integrity | High | Complete loss of integrity possible |
| Availability | High | Complete denial of service possible |
The combination of low privileges required and no user interaction makes this vulnerability particularly concerning in multi-user environments, shared workstations, and virtualized GPU deployments where multiple tenants share underlying hardware.
Attack Flow
Based on the vulnerability class and the driver's kernel mode execution context, the exploitation chain for CVE-2026-24193 follows a well understood pattern for CWE-787 flaws in kernel drivers:
-
Initial Access: An attacker with local access to a system running an affected NVIDIA GPU driver (R580 or R535 branch) and holding low level user privileges identifies the vulnerable code path in the driver.
-
Trigger: The attacker crafts a malformed request targeting the GPU driver interface. This request is designed to cause the driver to perform a write operation that exceeds the boundaries of an allocated buffer.
-
Memory Corruption: The driver processes the request and writes data beyond the intended buffer boundary, corrupting adjacent kernel memory. Depending on the memory layout, this could overwrite function pointers, page table entries, security tokens, or other critical kernel data structures.
-
Exploitation: The attacker leverages the corrupted memory to achieve one or more of the following outcomes:
- Privilege Escalation: Overwriting security tokens to elevate from a low privilege user to SYSTEM (Windows) or root (Linux)
- Code Execution: Redirecting execution flow to attacker controlled code running at kernel privilege level
- Denial of Service: Crashing the system or GPU subsystem through memory corruption
- Information Disclosure: Reading sensitive kernel or GPU memory contents
- Data Tampering: Modifying data in kernel or GPU memory
The fact that NVIDIA lists all five impact categories (denial of service, privilege escalation, information disclosure, data tampering, and code execution) for a single vulnerability underscores the breadth of post exploitation capabilities available from this flaw.
Scope Nuances
An important detail from the NVIDIA bulletin is the architectural scoping on Windows. The R580 branch is only affected on GPUs based on the Maxwell, Volta, and Pascal architectures. This means newer GPU architectures running the R580 branch on Windows are not vulnerable to this specific CVE, even if they are on a pre-patch driver version. On Linux, no such architectural restriction is noted for the R580 branch.
The R535 branch is affected across all supported GPU architectures on both platforms.
Patch Information
NVIDIA addressed CVE-2026-24193 as part of its May 2026 GPU Display Driver Security Bulletin, initially published on May 19, 2026 and revised through May 21, 2026. Because NVIDIA's GPU display drivers are closed source, no public source code diff or commit is available; the fix is delivered entirely through updated driver binaries.
Fixed Driver Versions
Windows:
| Driver Branch | Fixed Version |
|---|---|
| R580 | 582.53 |
| R535 | 539.72 |
Linux:
| Driver Branch | Fixed Version |
|---|---|
| R580 | 580.159.03 |
| R535 | 535.309.01 |
All driver versions prior to these on the respective branches are considered vulnerable. The R595 branch is not affected by CVE-2026-24193 on either platform.
The affected product families span NVIDIA's entire lineup: GeForce, NVIDIA RTX, Quadro, NVS, and Tesla GPUs across both operating systems.
OEM Considerations
NVIDIA notes that certain OEM hardware vendors may distribute their own bundled driver versions (for example, 582.42 for Windows R580 or 539.69 for R535) that also contain the security fixes. Users receiving drivers through vendor channels should verify they are on at least the listed fixed version or its vendor equivalent.
Where to Get Updates
Consumer users can obtain updated drivers from the NVIDIA Driver Downloads page. Enterprise and vGPU users should retrieve updates through the NVIDIA Licensing Portal.
Automated Verification
Tenable published Nessus Plugin ID 316513 on May 22, 2026, which can be used to programmatically verify whether Windows hosts have been updated. The plugin checks the driver's self reported version number against the patched thresholds from the bulletin.
Detection Methods
The primary means of detecting CVE-2026-24193 in your environment is through version based vulnerability scanning. No exploit specific signatures, YARA rules, Snort rules, or network based indicators of compromise have been publicly released for this vulnerability. This is consistent with its nature as a local out of bounds write in the kernel mode driver layer, where network based detection is largely impractical.
Tenable Nessus Plugins
Two Nessus plugins were published on May 22, 2026 that specifically cover CVE-2026-24193:
-
Plugin ID 316513 (NVIDIA Windows GPU Display Driver, May 2026): A local check that runs via the Nessus agent on Windows hosts. It reads the self reported NVIDIA driver version through the WMI
DisplayDrivers/NVIDIAknowledge base item and compares it against the patched driver versions. The plugin does not attempt to exploit the vulnerability. -
Plugin ID 316514 (NVIDIA Linux GPU Display Driver, May 2026): The Linux counterpart, running locally via the Unix agent. It requires the
NVIDIA_UNIX_Driver/VersionandNVIDIA_UNIX_Driver/GPU_ModelKB items for version comparison.
Both plugins are rated High severity and are tagged with IAVA 2026-A-0493, indicating that the U.S. Defense Information Systems Agency (DISA) has issued an Information Assurance Vulnerability Alert for this batch of NVIDIA driver vulnerabilities. Organizations running DISA STIG compliance scans should see this flagged accordingly.
Manual Version Based Detection
For teams without Nessus, manual or scripted version checks can be performed against the specific affected driver branches:
- Windows R580 branch: All versions prior to 582.53 are vulnerable (only GPUs based on Maxwell, Volta, and Pascal architectures are affected in this branch)
- Windows R535 branch: All versions prior to 539.72 are vulnerable
- Linux R580 branch: All versions prior to 580.159.03 are vulnerable
- Linux R535 branch: All versions prior to 535.309.01 are vulnerable
On Windows, you can check the installed NVIDIA driver version via the NVIDIA Control Panel, Device Manager, or by querying WMI programmatically. On Linux, the nvidia-smi utility or reading /proc/driver/nvidia/version will reveal the installed driver version. Any version falling below the thresholds above within the affected branches should be flagged as vulnerable.
Absence of Exploit Based Detection
At the time of writing, Tenable explicitly notes that no known exploits are available for CVE-2026-24193, and the exploit ease is categorized as unavailable. No Sigma rules, YARA signatures, Snort/Suricata rules, or behavioral IoCs tied to active exploitation of this specific CVE have been identified. Detection is currently limited to proactive vulnerability identification through version checking rather than reactive exploit detection.
Affected Systems and Versions
CVE-2026-24193 affects the following NVIDIA GPU Display Driver branches and product lines:
Affected Driver Branches
| Platform | Branch | Vulnerable Versions | Fixed Version |
|---|---|---|---|
| Windows | R580 | All versions prior to 582.53 | 582.53 |
| Windows | R535 | All versions prior to 539.72 | 539.72 |
| Linux | R580 | All versions prior to 580.159.03 | 580.159.03 |
| Linux | R535 | All versions prior to 535.309.01 | 535.309.01 |
Not Affected
- R595 branch (Windows and Linux): CVE-2026-24193 is not listed among the addressed CVEs for this branch, indicating the vulnerable code path does not exist or was already resolved.
- R590 branch: Similarly unaffected.
Affected Product Families
- NVIDIA GeForce
- NVIDIA RTX
- NVIDIA Quadro
- NVIDIA NVS
- NVIDIA Tesla
Architecture Restrictions (Windows Only)
On Windows, the R580 branch is only affected on GPUs based on the Maxwell, Volta, and Pascal architectures. Newer architectures running the R580 branch on Windows are not vulnerable to this specific CVE.
vGPU Software
Organizations running NVIDIA vGPU software are also affected. The relevant vGPU guest driver and Virtual GPU Manager updates are documented in the NVIDIA May 2026 Security Bulletin.
NVD Enrichment Status
The NVD record for CVE-2026-24193 is currently marked as "Undergoing Enrichment," meaning CVSS vector strings, CPE applicability statements, and affected version mappings are not yet populated in NVD. Automated vulnerability management tools that rely on NVD data for CPE matching may not yet flag this CVE against specific asset inventories. Organizations should consult the NVIDIA security bulletin directly for the authoritative list of affected products and patched versions.
Vendor Security History
NVIDIA has a well established pattern of publishing GPU display driver security bulletins on a regular cadence. The May 2026 bulletin, which includes CVE-2026-24193, addresses at least 15 CVEs spanning High and Medium severities. Prior bulletins in this series include the January 2026 and October 2025 editions, each addressing multiple vulnerabilities across the driver stack.
Several other CVEs in the same May 2026 bulletin share the CVSS 7.8 score, including CVE-2026-24190 (improper access to GPU resources) and CVE-2026-24191 (time of check time of use), indicating systemic complexity in the driver codebase. This pattern of recurring multi-vulnerability bulletins is consistent with the inherent complexity of GPU driver software, which includes kernel mode components, memory management subsystems, and hardware abstraction layers.
Starting October 1, 2025, NVIDIA PSIRT began publishing security bulletins on GitHub in Markdown, CSAF, and CVE formats to meet industry demand for machine readable vulnerability data. The frequency of disclosures, while reflecting NVIDIA's commitment to responsible disclosure and patching, also underscores the persistent risk inherent in deploying NVIDIA GPU drivers in security sensitive environments.
Dell has also published DSA-2026-015, a downstream security update for Dell client platforms addressing multiple NVIDIA GPU display driver vulnerabilities from this bulletin cycle.
References
- CVE-2026-24193 Detail (NVD)
- CVE-2026-24193 (CVE.org)
- Security Bulletin: NVIDIA GPU Display Drivers, May 2026
- GitHub Security Advisory GHSA-7gvm-xr2x-wg8x
- Tenable Nessus Plugin 316513: NVIDIA Windows GPU Display Driver (May 2026)
- Tenable Nessus Plugin 316514: NVIDIA Linux GPU Display Driver (May 2026)
- Tenable CVE-2026-24193
- NVIDIA GPU Driver Security Update (SecurityOnline)
- CWE-787: Out of bounds Write
- NVIDIA Product Security
- NVIDIA PSIRT Policies
- NVIDIA reveal more GPU driver security flaws for May 2026 (GamingOnLinux)
- NVIDIA AI GPU Market Share 2026 (Silicon Analysts)
- Nvidia's 85% GPU Market Share Faces Growing Competition (Yahoo Finance)
- DSA-2026-015: Dell Security Update for NVIDIA GPU Display Driver Vulnerabilities
- Security Bulletin: NVIDIA GPU Display Drivers, January 2026



