Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 01 Jul 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Write‑Outside‑Bounds Vulnerability in NVIDIA ConnectX and BlueField Command Interface Leading to Arbitrary Code Execution |
Wed, 01 Jul 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 01 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device. | |
| Weaknesses | CWE-787 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: nvidia
Published:
Updated: 2026-07-01T16:03:30.696Z
Reserved: 2025-01-14T01:07:21.737Z
Link: CVE-2025-23350
Updated: 2026-07-01T16:03:27.311Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-01T18:30:15Z