Description

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandbox creation. A successful exploit of this vulnerability might lead to information disclosure.

INFO

Published Date :

2026-04-28T17:46:37.015Z

Last Modified :

2026-04-29T15:11:41.945Z

Source :

nvidia
AFFECTED PRODUCTS

The following products are affected by CVE-2026-24222 vulnerability.

Vendors Products
Nvidia
  • Nemoclaw
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-24222.

URL Resource
https://nvd.nist.gov/vuln/detail/CVE-2026-24222 cve-icon cve-icon
https://nvidia.custhelp.com/app/answers/detail/a_id/5837 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-24222 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact