Primary

Context

NVIDIA KAI Scheduler Improper Authorization Vulnerability Allowing Data Tampering

Vulnerability

A vulnerability in NVIDIA KAI Scheduler prior to version 0.13.0 allows attackers to cause improper authorization by exploiting cross-namespace pod references. This could lead to unauthorized data manipulation.

Impact

Exploitation of this vulnerability could result in unauthorized data tampering.

Remediation

Users are advised to update to NVIDIA KAI Scheduler version 0.13.0 or later. The updated version can be downloaded from the KAI-Scheduler GitHub repository.

Added: Apr 21, 2026, 7:17 PM

Updated: Apr 21, 2026, 7:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

5.2

remediation

0.0

relevance

6.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

5.2

remediation

0.0

relevance

6.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA KAI Scheduler Improper Authorization Vulnerability Allowing Data Tampering

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating