Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.9
CVE-2026-41512: NVIDIA Garak AI Scanner Remote Code Execution Vulnerability
CVE-2026-41512
Summary
The NVIDIA Garak AI Scanner has a security issue that allows attackers to inject malicious code into the browser. This could potentially allow them to take control of the system. Users should update to version 1.4.1 or later to fix the issue.
Original title
ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in `BrowserAutoma...
Original description
ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code execution vulnerability via JavaScript injection in `BrowserAutomation::PlaywrightService`. This issue has been patched in version 1.4.1.
nvd CVSS3.1
9.9
Vulnerability type
CWE-94
Code Injection
Published: 8 May 2026 · Updated: 28 May 2026 · First seen: 8 May 2026