CVE-2026-24153

MEDIUM 5.2

CVSS Score

5.2

EPSS Score

0.0%

EPSS Percentile

0th

NVIDIA Jetson Linux has a vulnerability in initrd, where the nvluks trusted application is not disabled. A successful exploit of this vulnerability might lead to information disclosure.

CWE	CWE-501
Vendor	nvidia
Product	jetson xavier series, jetson orin series and jetson thor
Published	Mar 31, 2026
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for nvidia jetson xavier series, jetson orin series and jetson thor

Be the first to know when new medium vulnerabilities affecting nvidia jetson xavier series, jetson orin series and jetson thor are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Affected Versions

NVIDIA / Jetson Xavier Series, Jetson Orin Series and Jetson Thor

All versions prior to 35.6.4

NVIDIA / Jetson Xavier Series, Jetson Orin Series and Jetson Thor

All versions prior to 36.5

NVIDIA / Jetson Xavier Series, Jetson Orin Series and Jetson Thor

38.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

nvd.nist.gov: https://nvd.nist.gov/vuln/detail/CVE-2026-24153 cve.org: https://www.cve.org/CVERecord?id=CVE-2026-24153 nvidia.custhelp.com: https://nvidia.custhelp.com/app/answers/detail/a_id/5797