Every CVE whose affected-product data names Nvidia Nvflare, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-31604 — CVSS 9.8 (critical): NVFLARE, versions prior to 2.1.2, contains a vulnerability in its PKI implementation module, where The CA credentials are transported via…
CVE-2022-31605 — CVSS 9.8 (critical): NVFLARE, versions prior to 2.1.2, contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of…
CVE-2022-34668 — CVSS 9.8 (critical): NVFLARE, versions prior to 2.1.4, contains a vulnerability that deserialization of Untrusted Data due to Pickle usage may allow an…
CVE-2026-24178 — CVSS 9.8 (critical): NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may…
CVE-2026-24186 — CVSS 8.8 (high): NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious…
CVE-2026-24204 — CVSS 6.5 (medium): NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit…