CVE-2026-24222
CVE-2026-24222 is a high-severity improper access control vulnerability in NVIDIA NeMoClaw's sandbox environment initialization component that allows remote attackers to exfiltrate host environment variables via prompt injection, leading to information disclosure.
Score
8.6 High
- Published Date: Apr 28, 2026
- CISA KEV Date: *No Data*
- Industries Affected: 20
Exploitability
- Score: 3.9
- Attack Vector: NETWORK
- Attack Complexity: LOW
- Privileges Required: NONE
- User Interaction: NONE
- Scope: CHANGED
Impact
- Score: 4.0
- Confidentiality Impact: HIGH
- Integrity Impact: NONE
- Availability Impact: NONE
Overview
CVE-2026-24222 affects NVIDIA NeMoClaw, an AI agent framework, where the sandbox environment initialization component fails to properly restrict host environment variables from being accessible within the sandboxed execution context. An unauthenticated remote attacker can craft and submit prompt-injected content that instructs the AI agent to read and transmit host environment variables outside the intended security boundary. Because the sandbox does not adequately filter or isolate these variables at creation time, the agent can be manipulated into disclosing sensitive system-level information. The vulnerability is assigned a CVSS 3.1 score of 8.6 (HIGH) with the vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N, reflecting the ease of remote exploitation and the high confidentiality impact with a changed scope. The primary weakness is CWE-497, involving improper exposure of sensitive system information to an unauthorized control sphere.
Remediation
Users and administrators of NVIDIA NeMoClaw should apply any patches or updated versions provided by NVIDIA as referenced in the official security advisory at https://nvidia.custhelp.com/app/answers/detail/a_id/5837. Until a patch is applied, organizations should consider:
- restricting the environment variables accessible to the NeMoClaw sandbox at the operating system or container level,
- sanitizing and validating all inputs submitted to the agent to prevent prompt injection,
- limiting the exposure of sensitive credentials and secrets in host environment variables, and
- monitoring agent activity for anomalous data exfiltration behavior.

Network-level controls to restrict unauthorized external access to NeMoClaw deployments should also be implemented as a defense-in-depth measure.
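One way to apply the interim mitigation of restricting the environment variables a sandboxed process inherits, shown as an added example (not NVIDIA's or NeMoClaw's code): the child environment is built from an explicit allowlist instead of being copied from the host. The allowlist, the `build_sandbox_env` and `launch_sandboxed` helpers, the secret-name pattern and the sample variables are assumptions made for illustration.

```python
import os
import re
import subprocess
import sys

# Assumption: the only variables the sandboxed process actually needs.
ALLOWED_VARS = {"PATH", "LANG", "LC_ALL", "TZ", "HOME"}

# Assumption: a heuristic for variable names that usually hold credentials.
SECRET_NAME = re.compile(r"(KEY|TOKEN|SECRET|PASSWORD|PASSWD|CREDENTIAL)", re.I)


def build_sandbox_env(host_env, allowed=ALLOWED_VARS):
    """Return (child_env, withheld_secret_names).

    The child environment is built from the allowlist only, so a variable
    that is not explicitly named never reaches the sandbox. Allowlisted
    names that look like secrets are refused as well.
    """
    child_env = {}
    for name in sorted(allowed):
        if name in host_env and not SECRET_NAME.search(name):
            child_env[name] = host_env[name]
    withheld = sorted(n for n in host_env
                      if n not in child_env and SECRET_NAME.search(n))
    return child_env, withheld


def launch_sandboxed(argv, host_env=None):
    """Run argv with the filtered environment and return its stdout."""
    source = dict(os.environ) if host_env is None else host_env
    env, withheld = build_sandbox_env(source)
    if withheld:
        # Log names only, never values.
        print("withheld from sandbox:", ", ".join(withheld), file=sys.stderr)
    done = subprocess.run(argv, env=env, capture_output=True, text=True, check=True)
    return done.stdout


if __name__ == "__main__":
    # Constructed host environment containing a fake credential.
    host = {"PATH": os.environ.get("PATH", "/usr/bin:/bin"),
            "LANG": "C.UTF-8",
            "EXAMPLE_API_KEY": "constructed-not-a-real-secret"}
    # The child lists what it can see; the fake credential is absent.
    print(launch_sandboxed(["/bin/sh", "-c", "env"], host))
```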
References
- [CVE-2026-24222 - NVD Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-24222)
- [NVIDIA Security Advisory - Answer ID 5837](https://nvidia.custhelp.com/app/answers/detail/a_id/5837)
- [CVE Record - CVE-2026-24222](https://www.cve.org/CVERecord?id=CVE-2026-24222)
- [CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere](https://cwe.mitre.org/data/definitions/497.html)