Description
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful exploit of this vulnerability may lead to information disclosure.
Published: 2026-04-28
Score: 6.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

NVIDIA's NemoClaw software includes an SSRF protection routine, validateEndpointUrl(), that is meant to reject endpoint URLs pointing at internal addresses. The check does not cover the 0.0.0.0/8 range: an attacker can provide a specially crafted endpoint URL that points to an address within that range via either a blueprint configuration file or a command-line flag. On Linux and macOS a connection to 0.0.0.0 (or any other 0.x.x.x address) is delivered to the local host, so when the request is processed the service's outbound HTTP call reaches internal resources and can leak sensitive information back to the attacker. The vulnerability is limited to information disclosure; it does not grant remote code execution or privilege escalation.

Affected Systems

The issue affects all deployments of NVIDIA's NemoClaw product that use the validateEndpointUrl component. No specific version or release number is listed, so any installation potentially using that component may be vulnerable.

Risk and Exploitability

The CVSS score of 6.3 indicates medium severity. EPSS is not available and the vulnerability is not listed in the CISA KEV catalog. Attackers likely need the ability to influence configuration files or command-line arguments, implying local or remote access to the application layer. The attack path involves submitting a crafted URL referencing a non-routable address; the service then performs an outbound request to it, and the response exposes internal data.

Generated by OpenCVE AI on April 29, 2026 at 01:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Acquire and install the latest NVIDIA NemoClaw patch or upgrade to a fixed release if available
  • Limit access so that only authorized administrators can modify blueprint configuration files or CLI flags
  • Configure network controls to block outbound requests to the 0.0.0.0/8 address range, or segment internal networks to prevent unintended exposure



Advisories

No advisories yet.

History

Wed, 29 Apr 2026 10:30:00 +0000

  Type                  Values Removed    Values Added
  First Time appeared                     Nvidia
                                          Nvidia nemoclaw
  Vendors & Products                      Nvidia
                                          Nvidia nemoclaw

Wed, 29 Apr 2026 01:45:00 +0000

  Type                  Values Removed    Values Added
  Title                                   NVIDIA NemoClaw SSRF Vulnerability via Endpoint URL

Tue, 28 Apr 2026 19:15:00 +0000

  Type                  Values Removed    Values Added
  Description                             NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL referencing the 0.0.0.0/8 address range through a blueprint configuration file or CLI flag. A successful exploit of this vulnerability may lead to information disclosure.
  Weaknesses                              CWE-918
  References
  Metrics                                 cvssV3_1
                                          {'score': 6.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: nvidia

Published:

Updated: 2026-04-28T17:46:57.480Z

Reserved: 2026-01-21T19:09:37.972Z

Link: CVE-2026-24231

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-04-28T19:36:45.637

Modified: 2026-04-28T20:10:42.070

Link: CVE-2026-24231

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-29T10:10:29Z

Weaknesses