Primary

Context

NVIDIA Flare SDK Improper Input Validation Vulnerability Leading to Information Disclosure

Vulnerability

Patched

A vulnerability exists in NVIDIA Flare SDK prior to version 2.7.2, where improper input validation allows for path traversal. Exploitation of this vulnerability could result in unauthorized information disclosure.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information.

Remediation

Users are advised to update to NVIDIA Flare SDK version 2.7.2 or later. The updated version can be downloaded from the NVIDIA/NVFlare repository on GitHub.

Added: Apr 28, 2026, 7:42 PM

Updated: Apr 28, 2026, 7:42 PM

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

2.5

exploitability

5.2

remediation

7.7

relevance

6.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.8

impact

2.5

exploitability

5.2

remediation

7.7

relevance

6.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

NVIDIA Flare SDK Improper Input Validation Vulnerability Leading to Information Disclosure

Vulnerability

Impact

Remediation

Affected Products

NVIDIA Flare SDK

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating